Razvan Turtureanu | 1 Feb 2007 09:17

RE: qmail-ldap + AD

hello list,
 
I did some research in the AD schema and I found that we can use these attributes:
 
mail;
userPrincipalName - for uid
userAccountControl for accountStatus - with the values 66050 - disabled and 66048 enabled (I don't know if this is exactly right)
info - replytext
 
all of the above can be modified from the dsa.msc console
 
and I am thinking of extending the Active Directory schema with forestprep and domainprep, because I want to use the functionality of qmail-group and mailForwardingAddress.
 
Did anyone find another solution for this???
 
 

From: Zdravko Stoychev [mailto:zdravko.stoychev <at> mps.bg]
Sent: Wednesday, January 31, 2007 16:53
To: speace <at> ci.webster.ny.us
Cc: ccesario <at> tecnomega.com.br; qmail-ldap <at> qmail-ldap.org
Subject: Re: qmail-ldap + AD

Hi!

Steve Peace wrote:
I did the exact same thing, and it is working fine. I did however set up winbind so I can use my users' AD credentials to authenticate them for POP.
For best results one could set up SFU on Windows Domain Controller and run NIS server there,
then set up all *nix boxes to use NIS for auth.
Steve Peace
Director of Information Technology
Town of Webster
585.872.7030

-----Original Message-----
From: Zdravko Stoychev [mailto:zdravko.stoychev <at> mps.bg]
Sent: Wednesday, January 31, 2007 4:38 AM
To: ccesario <at> tecnomega.com.br
Cc: qmail-ldap <at> qmail-ldap.org
Subject: Re: qmail-ldap + AD

Hi!

Carlos wrote:
Hi people, does anybody have any experience configuring qmail to authenticate against Active Directory? Any Google search points at changing qmail-ldap.h, but I couldn't find anything specific. Any idea? Howto? Start guide.....
Yes, it is doable and is working just fine. All you need is to set up the qmail-ldap.h LDAP attribute names correctly according to your AD schema. Then set up the control/ldap* files with server name, login DN, password etc. You could set the user login to be its full email address, for example.
thanks Carlos


-- 
Zdravko Stoychev
System Software and Support
MPS Ltd.
zdravko.stoychev <at> mps.bg
+359-2-491-1827 (ext.271)

If I do not reply to your messages, look here: http://6lyokavitza.org/mail

This e-mail is intended only for the addressee(s) and may contain privileged and confidential information. It should not be disseminated, distributed, or copied. If you have received this e-mail message by mistake, please inform the sender, and delete it from your system.
Attachment (smime.p7s): application/x-pkcs7-signature, 3074 bytes
Zdravko Stoychev | 1 Feb 2007 09:34

Re: qmail-ldap + AD

Hi!

Razvan Turtureanu wrote:
hello list,
 
I did some research in the AD schema and I found that we can use these attributes:
 
mail;
userPrincipalName - for uid
userAccountControl for accountStatus - with the values 66050 - disabled and 66048 enabled (I don't know if this is exactly right)
Check out:
{ http://msdn.microsoft.com/library/default.asp?url=/library/en-us/adschema/adschema/a_useraccountcontrol.asp }

ADS_UF_ACCOUNTDISABLE = $00000002; // The user account is disabled.
ADS_UF_LOCKOUT = $00000010; // The account is currently locked out.
ADS_UF_PASSWORD_EXPIRED = $00800000; // The user password has expired.

info - replytext
 
all of the above can be modified from the dsa.msc console
 
and I am thinking of extending the Active Directory schema with forestprep and domainprep, because I want to use the functionality of qmail-group and mailForwardingAddress.
 
Did anyone find another solution for this???
You are on the right track. Right now I am not using qmail-group, but wanna do it, so if you share any progress it would be nice :)
 
 

From: Zdravko Stoychev [mailto:zdravko.stoychev <at> mps.bg]
Sent: Wednesday, January 31, 2007 16:53
To: speace <at> ci.webster.ny.us
Cc: ccesario <at> tecnomega.com.br; qmail-ldap <at> qmail-ldap.org
Subject: Re: qmail-ldap + AD

Hi!

Steve Peace wrote:
I did the exact same thing, and it is working fine. I did however set up winbind so I can use my users' AD credentials to authenticate them for POP.
For best results one could set up SFU on Windows Domain Controller and run NIS server there,
then set up all *nix boxes to use NIS for auth.
Steve Peace
Director of Information Technology
Town of Webster
585.872.7030

-----Original Message-----
From: Zdravko Stoychev [mailto:zdravko.stoychev <at> mps.bg]
Sent: Wednesday, January 31, 2007 4:38 AM
To: ccesario <at> tecnomega.com.br
Cc: qmail-ldap <at> qmail-ldap.org
Subject: Re: qmail-ldap + AD

Hi!

Carlos wrote:
Hi people, does anybody have any experience configuring qmail to authenticate against Active Directory? Any Google search points at changing qmail-ldap.h, but I couldn't find anything specific. Any idea? Howto? Start guide.....
Yes, it is doable and is working just fine. All you need is to set up the qmail-ldap.h LDAP attribute names correctly according to your AD schema. Then set up the control/ldap* files with server name, login DN, password etc. You could set the user login to be its full email address, for example.
thanks Carlos


-- 
Zdravko Stoychev
System Software and Support
MPS Ltd.
zdravko.stoychev <at> mps.bg
+359-2-491-1827 (ext.271)

If I do not reply to your messages, look here: http://6lyokavitza.org/mail

This e-mail is intended only for the addressee(s) and may contain privileged and confidential information. It should not be disseminated, distributed, or copied. If you have received this e-mail message by mistake, please inform the sender, and delete it from your system.


-- 
Zdravko Stoychev
System Software and Support
MPS Ltd.
zdravko.stoychev <at> mps.bg
+359-2-491-1827 (ext.271)

If I do not reply to your messages, look here: http://6lyokavitza.org/mail

This e-mail is intended only for the addressee(s) and may contain privileged and confidential information. It should not be disseminated, distributed, or copied. If you have received this e-mail message by mistake, please inform the sender, and delete it from your system.
Attachment (smime.p7s): application/x-pkcs7-signature, 3261 bytes
Carlos | 1 Feb 2007 12:54

RE: qmail-ldap + AD

Thanks :)

but I'm having a problem with ldapsearch in AD

when I run ldapsearch to retrieve data from AD, I get the ...

text: 00000000: LdapErr: DSID-0C090627, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, vece

any idea ?

Greetings

Carlos

On Thu, 2007-02-01 at 10:17 +0200, Razvan Turtureanu wrote:
> hello list,
>  
> I did some research in the AD schema and I found that we can use these
> attributes:
>  
> mail;
> userPrincipalName - for uid
> userAccountControl for accountStatus - with the values 66050 -
> disabled  and 66048 enabled (I don't know if this is exactly right)
> info - replytext
>  
> all of the above can be modified from the dsa.msc console
>  
> and I am thinking of extending the Active Directory schema with
> forestprep and domainprep, because I want to use the functionality of
> qmail-group and mailForwardingAddress.
>  
> Did anyone find another solution for this???
>  
>  
> 
> 
> ______________________________________________________________________
> From: Zdravko Stoychev [mailto:zdravko.stoychev <at> mps.bg] 
> Sent: Wednesday, January 31, 2007 16:53
> To: speace <at> ci.webster.ny.us
> Cc: ccesario <at> tecnomega.com.br; qmail-ldap <at> qmail-ldap.org
> Subject: Re: qmail-ldap + AD
> 
> 
> 
> Hi!
> 
> Steve Peace wrote: 
> > I did the exact same thing, and it is working fine.  I did however set up
> > winbind so I can use my users' AD credentials to authenticate them for POP.
> >   
> For best results one could set up SFU on Windows Domain Controller and
> run NIS server there, 
> then set up all *nix boxes to use NIS for auth.
> > Steve Peace
> > Director of Information Technology
> > Town of Webster
> > 585.872.7030
> > 
> > -----Original Message-----
> > From: Zdravko Stoychev [mailto:zdravko.stoychev <at> mps.bg] 
> > Sent: Wednesday, January 31, 2007 4:38 AM
> > To: ccesario <at> tecnomega.com.br
> > Cc: qmail-ldap <at> qmail-ldap.org
> > Subject: Re: qmail-ldap + AD
> > 
> > Hi!
> > 
> > Carlos wrote:
> >   
> > > Hi people, does anybody have any experience configuring qmail to
> > > authenticate against Active Directory? Any Google search points at changing
> > > qmail-ldap.h, but I couldn't find anything specific. 
> > > 
> > > Any idea? Howto ? start guide.....
> > >   
> > >     
> > Yes, it is doable and is working just fine. All you need is to set up the
> > qmail-ldap.h LDAP attribute names correctly according to your AD schema. 
> > Then set up the control/ldap* files with server name, login DN, password etc. 
> > You could set the user login to be its full email address, for example.
> >   
> > > thanks
> > > 
> > > Carlos
> > > 
> > >   
> > >     
> > 
> > 
> >   
> 
> 
> -- 
>   Zdravko Stoychev
>   System Software and Support
>   MPS Ltd.
>   zdravko.stoychev <at> mps.bg
>   +359-2-491-1827 (ext.271)
> 
> If I do not reply to your messages, look here: http://6lyokavitza.org/mail
> 
> This e-mail is intended only for the addressee(s) and may contain privileged and confidential
> information. It should not be disseminated, distributed, or copied. If you have received this e-mail
> message by mistake, please inform the sender, and delete it from your system.

Hugo Monteiro | 1 Feb 2007 13:22

Greetdelay patch

Hello all,

I've ported John M. Simpson's qmail greetdelay patch to qmail-ldap.

here is the README file:

---------- snip ----------
This patch is a port of the qmail greetdelay patch by
John M. Simpson <jms1 <at> spamcop.net>.

The code can be enabled at compile time by specifying the -DGREETDELAY flag
in LDAPFLAGS.

The code checks for the existence of the GRTDELAY env var, which should be
set to the number of seconds that qmail-smtpd should wait before sending out
the SMTP greeting message. If GRTDELAY is set but no value is specified (eg,
GRTDELAY="" or > /var/qmail/boot/qmail-smtpd/env/GRTDELAY), the default value
of zero will be used.

In addition to GRTDELAY, the env var DROP_PRE_GREET can also be set to "1".
In that case, not only will qmail-smtpd delay the SMTP greeting, but it will
also enforce the SMTP RFC, exiting with an SMTP protocol violation error if
any data is sent to the server before the greeting message is presented.

Regards,

Hugo Monteiro <hugo.monteiro <at> fct.unl.pt>
---------- snip ----------

Comments are welcome!

Regards,

Hugo Monteiro.

--

-- 
ci.fct.unl.pt:~# cat .signature

Hugo Monteiro
Email	 : hugo.monteiro <at> fct.unl.pt
Telephone : +351 212948300 Ext.15307

Centro de Informática
Faculdade de Ciências e Tecnologia da
		   Universidade Nova de Lisboa
Quinta da Torre   2829-516 Caparica   Portugal
Telephone: +351 212948596   Fax: +351 212948548
www.ci.fct.unl.pt	      apoio <at> fct.unl.pt

ci.fct.unl.pt:~# _
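As an added illustration of the behaviour the README describes (written for this page; it is not the patch's C code nor anything from qmail-ldap), the model below holds the SMTP banner for GRTDELAY seconds, watches the connection meanwhile, and, when DROP_PRE_GREET is "1", answers early data with a protocol-violation reply instead of proceeding. The log strings mirror the patch's "before greeting: ..." lines; the banner text, the 554 reply and the scripted client roles in simulate() are assumptions of this example.

```python
import os
import select
import socket
import time

# Added model of the greeting-delay logic described in the README; this is
# illustration code for this page, not the patch's own C. GRTDELAY and
# DROP_PRE_GREET are read as the README names them; the banner, the 554 reply
# and the client behaviours in simulate() are constructed assumptions.

GREETING = b"220 mail.example.test ESMTP\r\n"
VIOLATION = b"554 SMTP protocol violation: data before greeting\r\n"


def settings_from_env(env=os.environ):
    """GRTDELAY unset or empty -> 0 seconds; DROP_PRE_GREET="1" -> enforce RFC."""
    raw = env.get("GRTDELAY")
    delay = int(raw) if raw else 0
    return delay, env.get("DROP_PRE_GREET") == "1"


def greetdelay_handshake(conn, delay, drop_pre_greet):
    """Hold the SMTP banner for `delay` seconds while watching the socket.

    Returns the log line the patch would emit for what happened before the
    greeting, or "greeting sent" once the banner has gone out.
    """
    deadline = time.monotonic() + delay
    while True:
        remaining = deadline - time.monotonic()
        if remaining <= 0:
            break
        readable, _, _ = select.select([conn], [], [], remaining)
        if not readable:
            continue  # nothing arrived; the loop re-checks the deadline
        try:
            early = conn.recv(1024, socket.MSG_PEEK)  # look, do not consume
        except ConnectionResetError:
            return "before greeting: connection reset"
        if not early:
            return "before greeting: client disconnected"
        if drop_pre_greet:
            conn.sendall(VIOLATION)
            return "before greeting: client sent data"
        # Delay-only mode: leave the early data queued for the normal SMTP
        # reader and just wait out the remainder of the delay.
        time.sleep(max(0.0, deadline - time.monotonic()))
        break
    conn.sendall(GREETING)
    return "greeting sent"


def simulate(client_action, delay=0.05, drop_pre_greet=True):
    """Run one handshake over a socketpair against a scripted client.

    client_action: "waits" (well-behaved), "talks early" (sends before the
    banner) or "hangs up" (closes during the delay). Returns (log_line, reply).
    """
    server, client = socket.socketpair()
    try:
        if client_action == "talks early":
            client.sendall(b"EHLO example.invalid\r\n")
        elif client_action == "hangs up":
            client.close()
        outcome = greetdelay_handshake(server, delay, drop_pre_greet)
        reply = b""
        if client_action != "hangs up":
            client.settimeout(1.0)
            try:
                reply = client.recv(1024)
            except socket.timeout:
                pass
        return outcome, reply
    finally:
        server.close()
        client.close()


if __name__ == "__main__":
    for action in ("waits", "talks early", "hangs up"):
        print("%-12s -> %s" % (action, simulate(action)))
```

The peek-then-decide structure matters: in delay-only mode the early bytes stay in the kernel buffer for the normal SMTP reader, so the example never changes what a legitimate (if impatient) client sees beyond the wait itself.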

Felipe Augusto van de Wiel | 1 Feb 2007 14:21

Re: Greetdelay patch


On 02/01/2007 10:22 AM, Hugo Monteiro wrote:
> Hello all,
> I've ported John M. Simpson's qmail greetdelay patch to qmail-ldap.

	Thanks. :)

> here is the README file:

[...]

> Coments are welcomed!

	Any false-positives so far?  I always hear that the
delay of the SMTP greeting reduces incoming SPAM a lot and that
it won't affect real MTAs, but as always, we find out that some
server uses really strange MTAs (or customizations), so if you
are using it, what is your impression about SPAM reduction and
false-positives?

> Regards,
> Hugo Monteiro.

	Kind regards,

--
Felipe Augusto van de Wiel <felipe <at> paranacidade.org.br>
Coordenadoria de Tecnologia da Informação (CTI) - SEDU/PARANACIDADE
http://www.paranacidade.org.br/           Phone: (+55 41 3350 3300)
Hugo Monteiro | 1 Feb 2007 14:30

Re: Greetdelay patch

Felipe Augusto van de Wiel wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On 02/01/2007 10:22 AM, Hugo Monteiro wrote:
>> Hello all,
>> I've ported John M. Simpson's qmail greetdelay patch to qmail-ldap.
>
> 	Thanks. :)
>
>> here is the README file:
>
> [...]
>
>> Comments are welcome!
>
> 	Any false-positives so far?  I always hear that the
> delay of the SMTP greeting reduces incoming SPAM a lot and that
> it won't affect real MTAs, but as always, we find out that some
> server uses really strange MTAs (or customizations), so if you
> are using it, what is your impression about SPAM reduction and
> false-positives?
>

I've been running it for only a couple of hours now, in a VERY small 
system (only 30 mail accounts).
I'm planning on deploying it in some other larger systems after it 
passes the stability test period. There really shouldn't be anything to 
it since it's a very small and simple patch. But I like to take things 
slowly... =)

Even in this case, i've already got 14 hits so far!

mail:~# grep "before greeting" /var/qmail/log/qmail-smtpd/current
 <at> 4000000045c1d248314620cc qmail-smtpd: before greeting: client sent data
 <at> 4000000045c1d28411252324 qmail-smtpd: before greeting: client sent data
 <at> 4000000045c1d361243e86bc qmail-smtpd: before greeting: client sent data
 <at> 4000000045c1d4073828b38c qmail-smtpd: before greeting: client disconnected
 <at> 4000000045c1d5a73192355c qmail-smtpd: before greeting: client disconnected
 <at> 4000000045c1d74800bfdb3c qmail-smtpd: before greeting: client disconnected
 <at> 4000000045c1db0a024565e4 qmail-smtpd: before greeting: connection reset
 <at> 4000000045c1db2536eb6514 qmail-smtpd: before greeting: client disconnected
 <at> 4000000045c1dbe412c9595c qmail-smtpd: before greeting: client disconnected
 <at> 4000000045c1dc2537c6dcac qmail-smtpd: before greeting: connection reset
 <at> 4000000045c1dc3107084cf4 qmail-smtpd: before greeting: client disconnected
 <at> 4000000045c1e0af1fcd1724 qmail-smtpd: before greeting: client disconnected
 <at> 4000000045c1e148272f2e6c qmail-smtpd: before greeting: client disconnected
 <at> 4000000045c1eb95293f789c qmail-smtpd: before greeting: client disconnected
mail:~# grep "before greeting" /var/qmail/log/qmail-smtpd/current|wc -l
14

9 hits from someone who wasn't willing to wait the mere 10 seconds I've 
set for the delay, and 5 for others who were too impatient to wait. =)

Regards,

Hugo Monteiro.

--

-- 
ci.fct.unl.pt:~# cat .signature

Hugo Monteiro
Email	 : hugo.monteiro <at> fct.unl.pt
Telephone : +351 212948300 Ext.15307

Centro de Informática
Faculdade de Ciências e Tecnologia da
		   Universidade Nova de Lisboa
Quinta da Torre   2829-516 Caparica   Portugal
Telephone: +351 212948596   Fax: +351 212948548
www.ci.fct.unl.pt	      apoio <at> fct.unl.pt

ci.fct.unl.pt:~# _
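For anyone wanting more than `grep | wc -l` from this log, here is an added example (written for this page, not part of Hugo's post or the patch) that counts the greetdelay hits by reason and decodes the multilog TAI64N stamps into a time span. The sample is a copy of the lines posted above with the archive's " <at> " restored to "@"; the time conversion follows what daemontools' tai64nlocal does by default (subtract 2^62 and the 10-second TAI offset, with no leap-second table), so the wall-clock values are approximate.

```python
import collections
import datetime
import re

# Added example for the log posted above (not part of the thread): count
# greetdelay hits by reason and decode the multilog TAI64N stamps. SAMPLE_LOG
# is a copy of the posted lines with "@" restored; the time conversion follows
# daemontools' tai64nlocal (subtract 2^62 and the 10 s TAI offset, ignoring
# leap seconds), so it is approximate.

SAMPLE_LOG = """\
@4000000045c1d248314620cc qmail-smtpd: before greeting: client sent data
@4000000045c1d28411252324 qmail-smtpd: before greeting: client sent data
@4000000045c1d361243e86bc qmail-smtpd: before greeting: client sent data
@4000000045c1d4073828b38c qmail-smtpd: before greeting: client disconnected
@4000000045c1d5a73192355c qmail-smtpd: before greeting: client disconnected
@4000000045c1d74800bfdb3c qmail-smtpd: before greeting: client disconnected
@4000000045c1db0a024565e4 qmail-smtpd: before greeting: connection reset
@4000000045c1db2536eb6514 qmail-smtpd: before greeting: client disconnected
@4000000045c1dbe412c9595c qmail-smtpd: before greeting: client disconnected
@4000000045c1dc2537c6dcac qmail-smtpd: before greeting: connection reset
@4000000045c1dc3107084cf4 qmail-smtpd: before greeting: client disconnected
@4000000045c1e0af1fcd1724 qmail-smtpd: before greeting: client disconnected
@4000000045c1e148272f2e6c qmail-smtpd: before greeting: client disconnected
@4000000045c1eb95293f789c qmail-smtpd: before greeting: client disconnected
"""

TAI64_OFFSET = (1 << 62) + 10  # TAI64 epoch marker plus the 10 s TAI-UTC offset
LINE_RE = re.compile(
    r"^@(?P<label>[0-9a-f]{24})\s+qmail-smtpd: before greeting: (?P<reason>.+)$"
)


def tai64n_to_datetime(label):
    """Convert a 24-hex-digit TAI64N label to an aware UTC datetime."""
    seconds = int(label[:16], 16) - TAI64_OFFSET
    nanoseconds = int(label[16:24], 16)
    base = datetime.datetime.fromtimestamp(seconds, datetime.timezone.utc)
    return base + datetime.timedelta(microseconds=nanoseconds // 1000)


def summarize_greetdelay(lines):
    """Count pre-greeting events by reason and report the time span covered."""
    by_reason = collections.Counter()
    stamps = []
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # not a greetdelay line (or a malformed one); skip it
        by_reason[m.group("reason")] += 1
        stamps.append(tai64n_to_datetime(m.group("label")))
    return {
        "hits": sum(by_reason.values()),
        "by_reason": dict(by_reason),
        "first": min(stamps) if stamps else None,
        "last": max(stamps) if stamps else None,
    }


if __name__ == "__main__":
    summary = summarize_greetdelay(SAMPLE_LOG.splitlines())
    print(summary["hits"], "hits between", summary["first"], "and", summary["last"])
    for reason, count in sorted(summary["by_reason"].items()):
        print("%3d  %s" % (count, reason))
```

Run against the posted lines it reports 14 hits: 9 disconnects, 3 clients that talked before the banner and 2 resets, which matches the 9 + 5 split in the message.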

Zdravko Stoychev | 1 Feb 2007 14:31

Re: qmail-ldap + AD

Hi!

Carlos wrote:
Thanks :)

but I'm having a problem with ldapsearch in AD

when I run ldapsearch to retrieve data from AD, I get the ...

text: 00000000: LdapErr: DSID-0C090627, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, vece
Right, specify binddn using -D dn and -W or -w passwd:

$ ldapsearch -s sub -x -h <hostname> -W -D "cn=<username>,cn=users,dc=<my>,dc=<domain>" -b "cn=users,dc=<my>,dc=<domain>" "(cn=<username>)"

which will ask for user's password and will show its AD info.
any idea ?

Greetings

Carlos

On Thu, 2007-02-01 at 10:17 +0200, Razvan Turtureanu wrote:
hello list,

I did some research in the AD schema and I found that we can use these attributes:

mail;
userPrincipalName - for uid
userAccountControl for accountStatus - with the values 66050 - disabled and 66048 enabled (I don't know if this is exactly right)
info - replytext

all of the above can be modified from the dsa.msc console

and I am thinking of extending the Active Directory schema with forestprep and domainprep, because I want to use the functionality of qmail-group and mailForwardingAddress.

Did anyone find another solution for this???

______________________________________________________________________
From: Zdravko Stoychev [mailto:zdravko.stoychev <at> mps.bg]
Sent: Wednesday, January 31, 2007 16:53
To: speace <at> ci.webster.ny.us
Cc: ccesario <at> tecnomega.com.br; qmail-ldap <at> qmail-ldap.org
Subject: Re: qmail-ldap + AD

Hi!

Steve Peace wrote:
I did the exact same thing, and it is working fine. I did however set up winbind so I can use my users' AD credentials to authenticate them for POP.
For best results one could set up SFU on Windows Domain Controller and run NIS server there, then set up all *nix boxes to use NIS for auth.
Steve Peace
Director of Information Technology
Town of Webster
585.872.7030

-----Original Message-----
From: Zdravko Stoychev [mailto:zdravko.stoychev <at> mps.bg]
Sent: Wednesday, January 31, 2007 4:38 AM
To: ccesario <at> tecnomega.com.br
Cc: qmail-ldap <at> qmail-ldap.org
Subject: Re: qmail-ldap + AD

Hi!

Carlos wrote:
Hi people, does anybody have any experience configuring qmail to authenticate against Active Directory? Any Google search points at changing qmail-ldap.h, but I couldn't find anything specific. Any idea? Howto? Start guide.....
Yes, it is doable and is working just fine. All you need is to set up the qmail-ldap.h LDAP attribute names correctly according to your AD schema. Then set up the control/ldap* files with server name, login DN, password etc. You could set the user login to be its full email address, for example.
thanks Carlos
-- 
Zdravko Stoychev
System Software and Support
MPS Ltd.
zdravko.stoychev <at> mps.bg
+359-2-491-1827 (ext.271)

If I do not reply to your messages, look here: http://6lyokavitza.org/mail

This e-mail is intended only for the addressee(s) and may contain privileged and confidential information. It should not be disseminated, distributed, or copied. If you have received this e-mail message by mistake, please inform the sender, and delete it from your system.


-- 
Zdravko Stoychev
System Software and Support
MPS Ltd.
zdravko.stoychev <at> mps.bg
+359-2-491-1827 (ext.271)

If I do not reply to your messages, look here: http://6lyokavitza.org/mail

This e-mail is intended only for the addressee(s) and may contain privileged and confidential information. It should not be disseminated, distributed, or copied. If you have received this e-mail message by mistake, please inform the sender, and delete it from your system.
Attachment (smime.p7s): application/x-pkcs7-signature, 3261 bytes
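The "LdapErr: DSID-..., comment: ..., data N, v..." text Carlos pasted is the diagnostic string Active Directory attaches to failed operations, and the "data" field is where the useful part lives once binds start failing for real users. The parser below is an added example for this page (not qmail-ldap code and not from the thread): it pulls the fields apart and maps the well-known bind sub-codes to a meaning, so an auth log can say "password expired" or "account disabled" rather than a bare failure. The first sample is Carlos's line re-joined; the second, with data 52e, is constructed.

```python
import collections
import re

# Added example, not from the thread: parse the "LdapErr: DSID-..." diagnostic
# that Active Directory returns, so a mail server's auth log can state why an
# LDAP operation failed. BIND_DATA_CODES lists well-known AD bind failure
# sub-codes; SAMPLE_BAD_PASSWORD is a constructed line.

BIND_DATA_CODES = {
    0x525: "user not found",
    0x52e: "invalid credentials",
    0x530: "logon not permitted at this time",
    0x531: "logon not permitted from this workstation",
    0x532: "password expired",
    0x533: "account disabled",
    0x701: "account expired",
    0x773: "user must reset password",
    0x775: "account locked out",
}

LDAPERR_RE = re.compile(
    r"LdapErr:\s*DSID-(?P<dsid>[0-9A-Fa-f]+),\s*comment:\s*(?P<comment>.*?),"
    r"\s*data\s+(?P<data>[0-9A-Fa-f]+),\s*(?P<version>v\w+)"
)

SAMPLE_UNBOUND = ("text: 00000000: LdapErr: DSID-0C090627, comment: In order to perform "
                  "this operation a successful bind must be completed on the connection., "
                  "data 0, vece")
SAMPLE_BAD_PASSWORD = ("80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext "
                       "error, data 52e, v1db1")  # constructed


def parse_ldaperr(text):
    """Return a dict describing an AD LdapErr diagnostic, or None if absent."""
    m = LDAPERR_RE.search(text)
    if m is None:
        return None
    data = int(m.group("data"), 16)  # the sub-code is printed in hex
    if data == 0:
        meaning = "no sub-code"
    else:
        meaning = BIND_DATA_CODES.get(data, "unknown sub-code 0x%x" % data)
    return {
        "dsid": m.group("dsid"),
        "comment": m.group("comment"),
        "data": data,
        "meaning": meaning,
        # Carlos's case: the operation itself needed an authenticated bind.
        "needs_bind": "successful bind must be completed" in m.group("comment"),
    }


def summarize_failures(lines):
    """Count diagnostics by meaning; a pile of 'invalid credentials' from one
    source is the shape a password-guessing run leaves in the auth log."""
    counts = collections.Counter()
    for line in lines:
        parsed = parse_ldaperr(line)
        if parsed:
            counts[parsed["meaning"]] += 1
    return dict(counts)


if __name__ == "__main__":
    for sample in (SAMPLE_UNBOUND, SAMPLE_BAD_PASSWORD):
        print(parse_ldaperr(sample))
    print(summarize_failures([SAMPLE_UNBOUND, SAMPLE_BAD_PASSWORD, SAMPLE_BAD_PASSWORD]))
```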
J.T. Moore | 1 Feb 2007 14:38

RE: qmail-ldap + AD

If Exchange Server is used in a domain you should use the proxyAddresses attribute for the email address. If a user has multiple email addresses with Exchange Server, the mail attribute only has the account's primary email address, but proxyAddresses has both the primary and alias email addresses for the user, e.g.
 
proxyAddresses: SMTP:user <at> domain
proxyAddresses: smtp:alias1 <at> domain
proxyAddresses: smtp:alias2 <at> domain
 
proxyAddresses only exists in the AD schema if it's been configured to work with Exchange.
 
J.T.

----- Original Message -----
From: Razvan Turtureanu
To: 'Zdravko Stoychev' ; speace <at> ci.webster.ny.us
Cc: ccesario <at> tecnomega.com.br ; qmail-ldap <at> qmail-ldap.org
Sent: Thursday, February 01, 2007 3:17 AM
Subject: RE: qmail-ldap + AD
 

hello list,
 
I did some research in the AD schema and I found that we can use these attributes:
 
mail;
userPrincipalName - for uid
userAccountControl for accountStatus - with the values 66050 - disabled and 66048 enabled (I don't know if this is exactly right)
info - replytext
 
all of the above can be modified from the dsa.msc console
 
and I am thinking of extending the Active Directory schema with forestprep and domainprep, because I want to use the functionality of qmail-group and mailForwardingAddress.
 
Did anyone find another solution for this???
 
 
 
 
 
--------------------------------------------------------------------------------
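Pulling the attribute advice in this thread together, here is an added example for this page (not qmail-ldap code and not anything the posters wrote) that maps an AD user entry onto what an LDAP-backed mail system needs: userAccountControl is decoded against the documented ADS_USER_FLAG bits that Zdravko quoted, which confirms Razvan's guess (66050 is 66048 with the ACCOUNTDISABLE bit set), and proxyAddresses is split into primary and aliases the way J.T. describes. It also builds the lookup filter with AD's bitwise-AND matching rule so disabled accounts are excluded by the directory itself, and escapes the login name per RFC 4515 before it goes into the filter. SAMPLE_ENTRY is constructed; the code treats the LOCKOUT bit as advisory only, because in my experience AD reports lockout through lockoutTime rather than by setting that stored bit.

```python
# Added example for this page, not code from qmail-ldap or from the thread:
# map the AD attributes discussed above onto the fields an LDAP-backed mail
# system needs. Flag values are the documented ADS_USER_FLAG bits;
# SAMPLE_ENTRY is constructed.

ADS_UF_ACCOUNTDISABLE = 0x00000002
ADS_UF_LOCKOUT = 0x00000010
ADS_UF_NORMAL_ACCOUNT = 0x00000200
ADS_UF_DONT_EXPIRE_PASSWD = 0x00010000
ADS_UF_PASSWORD_EXPIRED = 0x00800000

FLAG_NAMES = {
    ADS_UF_ACCOUNTDISABLE: "ACCOUNTDISABLE",
    ADS_UF_LOCKOUT: "LOCKOUT",
    ADS_UF_NORMAL_ACCOUNT: "NORMAL_ACCOUNT",
    ADS_UF_DONT_EXPIRE_PASSWD: "DONT_EXPIRE_PASSWD",
    ADS_UF_PASSWORD_EXPIRED: "PASSWORD_EXPIRED",
}

# OID of AD's bitwise-AND extensible matching rule (LDAP_MATCHING_RULE_BIT_AND).
BIT_AND_RULE = "1.2.840.113556.1.4.803"

SAMPLE_ENTRY = {  # constructed; values are lists, as LDAP clients return them
    "userPrincipalName": ["alice@example.test"],
    "mail": ["alice@example.test"],
    "proxyAddresses": ["SMTP:alice@example.test",
                       "smtp:a.smith@example.test",
                       "X400:c=US;a= ;p=Example;o=Exchange;s=Smith;g=Alice;"],
    "userAccountControl": ["66050"],
}


def decode_uac(value):
    """Names of the known flag bits set in a userAccountControl value."""
    names = [name for bit, name in sorted(FLAG_NAMES.items()) if value & bit]
    unknown = value & ~sum(FLAG_NAMES)  # bits this table does not name
    if unknown:
        names.append("UNKNOWN(0x%x)" % unknown)
    return names


def account_status(value):
    """Mail-side status from userAccountControl. ACCOUNTDISABLE is the
    reliable bit; LOCKOUT is treated as advisory (see lead-in)."""
    if value & ADS_UF_ACCOUNTDISABLE:
        return "disabled"
    if value & ADS_UF_PASSWORD_EXPIRED:
        return "password-expired"
    return "active"


def split_proxy_addresses(values):
    """(primary, aliases) from proxyAddresses: upper-case 'SMTP:' marks the
    primary address, 'smtp:' an alias; non-SMTP entries (X400 etc.) are skipped."""
    primary, aliases = None, []
    for value in values:
        prefix, _, address = value.partition(":")
        if prefix == "SMTP":
            primary = address
        elif prefix.lower() == "smtp":
            aliases.append(address)
    return primary, aliases


def ldap_escape(value):
    """Escape a filter value per RFC 4515 so a login name cannot alter the filter."""
    return "".join("\\%02x" % ord(ch) if ch in "\\*()\x00" else ch for ch in value)


def active_mailbox_filter(login):
    """Lookup filter that lets the directory, not the client, exclude disabled accounts."""
    return ("(&(objectClass=user)(mail=*)(!(userAccountControl:%s:=%d))"
            "(userPrincipalName=%s))"
            % (BIT_AND_RULE, ADS_UF_ACCOUNTDISABLE, ldap_escape(login)))


def to_mail_account(entry):
    """Derive the mail system's view (uid, addresses, status) from one AD entry."""
    uac = int(entry["userAccountControl"][0])
    primary, aliases = split_proxy_addresses(entry.get("proxyAddresses", []))
    return {
        "uid": entry["userPrincipalName"][0],
        "mail": primary or entry.get("mail", [None])[0],  # fall back when no Exchange
        "aliases": aliases,
        "accountStatus": account_status(uac),
        "flags": decode_uac(uac),
    }


if __name__ == "__main__":
    print(to_mail_account(SAMPLE_ENTRY))
    print(active_mailbox_filter("alice@example.test"))
```

Letting the directory evaluate the ACCOUNTDISABLE bit in the filter means a disabled user is simply not found at lookup time, which is a cleaner failure for an auth helper than fetching the entry and deciding client-side; the client-side decode is still useful for reporting why.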
J.T. Moore | 1 Feb 2007 14:30

RE: qmail-ldap + AD

If Exchange Server is used in a domain you should use the proxyAddresses attribute for the email address. If a user has multiple email addresses with Exchange Server, the mail attribute only has the account's primary email address, but proxyAddresses has both the primary and alias email addresses for the user, e.g.
 
proxyAddresses: SMTP:user <at> domain
proxyAddresses: smtp:alias1 <at> domain
proxyAddresses: smtp:alias2 <at> domain
 
proxyAddresses only exists in the AD schema if it's been configured to work with Exchange.
 
J.T.

----- Original Message -----
From: Razvan Turtureanu
To: 'Zdravko Stoychev' ; speace <at> ci.webster.ny.us
Cc: ccesario <at> tecnomega.com.br ; qmail-ldap <at> qmail-ldap.org
Sent: Thursday, February 01, 2007 3:17 AM
Subject: RE: qmail-ldap + AD
 

hello list,
 
I did some research in the AD schema and I found that we can use these attributes:
 
mail;
userPrincipalName - for uid
userAccountControl for accountStatus - with the values 66050 - disabled and 66048 enabled (I don't know if this is exactly right)
info - replytext
 
all of the above can be modified from the dsa.msc console
 
and I am thinking of extending the Active Directory schema with forestprep and domainprep, because I want to use the functionality of qmail-group and mailForwardingAddress.
 
Did anyone find another solution for this???
 
 
 
 
 
--------------------------------------------------------------------------------
Scott Ryan | 1 Feb 2007 09:56

Re: SMTPAUTH Anonymous ldap bind only?

On 1/31/07, Claudio Jeker <jeker <at> n-r-g.com> wrote:

On Tue, Jan 30, 2007 at 04:46:48PM +0200, Scott Ryan wrote:
> Hi I am implementing SMTPAUTH and what I have found is that authentication
> is constantly failing. However, the user can pop their account without any
> problems with the same username and password.
>
> When I debugged my ldap logs I found the following:
>
> Jan 30 16:28:11 himalia slapd2.3[2753]: conn=17962824 fd=46 ACCEPT from IP=192.168.223.100:47944 (IP=0.0.0.0:389)
> Jan 30 16:28:11 himalia slapd2.3[2753]: conn=17962824 op=0 BIND dn="" method=128
> Jan 30 16:28:11 himalia slapd2.3[2753]: conn=17962824 op=0 RESULT tag=97 err=0 text=
> Jan 30 16:28:11 himalia slapd2.3[2753]: conn=17962824 op=1 SRCH base="ou=mail,dc=cybertrade,dc=co,dc=za,dc=isp" scope=2 deref=0 filter="(uid=gareth1)"
> Jan 30 16:28:11 himalia slapd2.3[2753]: conn=17962824 op=1 SRCH attr=accountStatus userPassword
> Jan 30 16:28:11 himalia slapd2.3[2753]: conn=17962824 op=1 SEARCH RESULT tag=101 err=0 nentries=0 text=
> Jan 30 16:28:11 himalia slapd2.3[2753]: conn=17962824 op=2 UNBIND
> Jan 30 16:28:11 himalia slapd2.3[2753]: conn=17962824 fd=46 closed
>
> Why is SMTP-AUTH binding with a blank dn?
> I thought that it should be binding with the dn stored in the ldaplogin
> control file
>
> # cd /var/qmail/control/
> [miranda:/var/qmail/control]# cat ldaplogin
> cn=qmail,dc=cybertrade,dc=co,dc=za,dc=isp
>
> the userPassword attribute is not readable anonymously, which is therefore causing
> the failed authentication.
>
> Is this a bug or have I missed something completely here?
>

Check your file permissions. auth_smtp tries to read ~control/ldappassword; if
that fails it tries to bind anonymously. auth_smtp is run under the same
user as qmail-smtpd, so it is possible that you need to change file
permissions.

--
:wq Claudio


Yep, that was the issue. Many thanks.

--
slr
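Two checks follow from this exchange, and the example below (added for this page; it is not qmail-ldap code and not something either poster wrote) implements both. The first scans slapd log lines for a connection that binds with an empty DN and then asks for userPassword, which is exactly the signature Scott's log shows when auth_smtp silently falls back to an anonymous bind. The second predicts, from the mode bits of control/ldaplogin and control/ldappassword, whether a given uid/gid would be able to read them, so the fallback can be caught before users start failing SMTP AUTH. The log lines are Scott's, re-joined, plus two constructed lines for a properly bound connection; the DN, the temporary directory and the "other" uid/gid in demo_permissions() are constructed as well.

```python
import os
import re
import stat
import tempfile

# Added example, not from the thread: (1) detect anonymous-bind-then-
# userPassword searches in slapd logs, the trace auth_smtp leaves when it
# cannot read control/ldappassword; (2) predict from mode bits whether a
# given identity can read the credential files. Log lines are the posted ones
# re-joined plus a constructed conn=17962825; the DN and identities used by
# demo_permissions() are constructed.

SAMPLE_SLAPD_LOG = """\
Jan 30 16:28:11 himalia slapd2.3[2753]: conn=17962824 fd=46 ACCEPT from IP=192.168.223.100:47944 (IP=0.0.0.0:389)
Jan 30 16:28:11 himalia slapd2.3[2753]: conn=17962824 op=0 BIND dn="" method=128
Jan 30 16:28:11 himalia slapd2.3[2753]: conn=17962824 op=0 RESULT tag=97 err=0 text=
Jan 30 16:28:11 himalia slapd2.3[2753]: conn=17962824 op=1 SRCH base="ou=mail,dc=cybertrade,dc=co,dc=za,dc=isp" scope=2 deref=0 filter="(uid=gareth1)"
Jan 30 16:28:11 himalia slapd2.3[2753]: conn=17962824 op=1 SRCH attr=accountStatus userPassword
Jan 30 16:28:11 himalia slapd2.3[2753]: conn=17962824 op=1 SEARCH RESULT tag=101 err=0 nentries=0 text=
Jan 30 16:28:11 himalia slapd2.3[2753]: conn=17962824 op=2 UNBIND
Jan 30 16:28:11 himalia slapd2.3[2753]: conn=17962824 fd=46 closed
Jan 30 16:29:02 himalia slapd2.3[2753]: conn=17962825 op=0 BIND dn="cn=qmail,dc=cybertrade,dc=co,dc=za,dc=isp" method=128
Jan 30 16:29:02 himalia slapd2.3[2753]: conn=17962825 op=1 SRCH attr=accountStatus userPassword
"""

BIND_RE = re.compile(r'conn=(?P<conn>\d+) op=\d+ BIND dn="(?P<dn>[^"]*)"')
ATTR_RE = re.compile(r'conn=(?P<conn>\d+) op=\d+ SRCH attr=(?P<attrs>.*)$')


def find_anonymous_password_searches(lines):
    """Connection ids that bound anonymously and then requested userPassword."""
    anonymous = set()
    flagged = []
    for line in lines:
        m = BIND_RE.search(line)
        if m:
            if m.group("dn") == "":
                anonymous.add(m.group("conn"))
            else:
                anonymous.discard(m.group("conn"))  # a later real bind clears it
            continue
        m = ATTR_RE.search(line)
        if m and m.group("conn") in anonymous \
                and "userPassword" in m.group("attrs").split():
            flagged.append(m.group("conn"))
    return flagged


def readable_by(path, uid, gid, supplementary=()):
    """Owner/group/other read check from st_mode; ignores ACLs and root."""
    st = os.stat(path)
    if st.st_uid == uid:
        return bool(st.st_mode & stat.S_IRUSR)
    if st.st_gid == gid or st.st_gid in supplementary:
        return bool(st.st_mode & stat.S_IRGRP)
    return bool(st.st_mode & stat.S_IROTH)


def check_ldap_credentials(control_dir, uid, gid):
    """The bind the auth helper would end up with: the ldaplogin DN, or 'anonymous'."""
    login = os.path.join(control_dir, "ldaplogin")
    password = os.path.join(control_dir, "ldappassword")
    if not (os.path.exists(login) and os.path.exists(password)):
        return "anonymous"
    if readable_by(login, uid, gid) and readable_by(password, uid, gid):
        with open(login) as fh:
            return fh.read().strip()
    return "anonymous"


def demo_permissions():
    """Throwaway control dir with 0600 credential files, evaluated for the
    owning identity and for an unrelated uid/gid (both constructed)."""
    with tempfile.TemporaryDirectory() as control:
        with open(os.path.join(control, "ldaplogin"), "w") as fh:
            fh.write("cn=qmail,dc=example,dc=test\n")
        with open(os.path.join(control, "ldappassword"), "w") as fh:
            fh.write("not-a-real-secret\n")
        for name in ("ldaplogin", "ldappassword"):
            os.chmod(os.path.join(control, name), 0o600)
        st = os.stat(os.path.join(control, "ldappassword"))
        as_owner = check_ldap_credentials(control, st.st_uid, st.st_gid)
        as_other = check_ldap_credentials(control, st.st_uid + 1, st.st_gid + 1)
        return as_owner, as_other


if __name__ == "__main__":
    print("anonymous password searches:",
          find_anonymous_password_searches(SAMPLE_SLAPD_LOG.splitlines()))
    print("bind as owner / as other:", demo_permissions())
```

The log check is the one worth keeping on a server: a mis-set permission produces no error from auth_smtp itself, only failed logins, and the empty-DN bind followed by a userPassword search is the first place it becomes visible.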
