Notification | 4 Jun 14:05 2008

Your Deadline

  In need to

       

  • Create multiple niche web sites and continually post new content to them!
  • Create articles to submit to fr'ee article sites and get hundreds of back links to your web sites!
  • Get into the business of writing articles for other webmasters on any topic they want!

 

  IAW Pro is the answer.

       Best-selling Christian author loves IAWPro ...

       

      Jon, I was one of the first to get Instant Article Wizard. Immediately I learned the sheer power of the program. Now I'm loving IAWPro. I use your program to research and write articles, chapters of books, special reports, lesson plans, and more. How a guy with A.D.D. ever learned to write books is another story. But IAWPro is 'a sure cure.' Thanks for your investment in my success. I recommend it to all those who take my 'How to Write Your Book and Get it Published' seminars. 2008-04-08

       

      Eddie Smith

      www.EddieAndAlice.com

       

       

       

      Go PRO today with IAWPro

       

       

       

       

       

       

       

       

       

       

       

       

       

       

       

       

       

      Your Email: qmail-ldap <at> qmail-ldap.org

      If you would like to be added to our Marketing Newsletter suppression list,

      please send us an email with “UNSUBSCRIBE” in the subject line

       

Notification | 6 Jun 09:07 2008

Instant Article Wizard, boost Your Writing

  In need to

       

  • Create multiple niche web sites and continually post new content to them!
  • Create articles to submit to fr'ee article sites and get hundreds of back links to your web sites!
  • Get into the business of writing articles for other webmasters on any topic they want!

 

  IAW Pro is the answer.

       Best-selling Christian author loves IAWPro ...

       

      Jon, I was one of the first to get Instant Article Wizard. Immediately I learned the sheer power of the program. Now I'm loving IAWPro. I use your program to research and write articles, chapters of books, special reports, lesson plans, and more. How a guy with A.D.D. ever learned to write books is another story. But IAWPro is 'a sure cure.' Thanks for your investment in my success. I recommend it to all those who take my 'How to Write Your Book and Get it Published' seminars. 2008-04-08

       

      Eddie Smith

      www.EddieAndAlice.com

       

       

       

      Go PRO today with IAWPro

       

       

       

       

       

       

       

       

       

       

       

       

       

       

       

       

       

      Your Email: qmail-ldap <at> qmail-ldap.org

      If you would like to be added to our Marketing Newsletter suppression list,

      please send us an email with “UNSUBSCRIBE” in the subject line

       

Daniel Wedewardt | 10 Jun 17:33 2008
Picon

qmailgroup - memberUid

Hello  <at> all,

I've googled and search the mailinglist archive but found no solving
article/mail for my problem.

We're using the qmail-ldap and also use the group-mail feature. Groups
got an email address and forward mails send to this address to all group
members defined over the memberUid attribute. That works fine BUT you
have to specify the complete DN of group members. That's not how it
should work. It should be enough to specify the unique uid.

In summary: Sending mails to groups only works, when entries in
memberUid are defined as uid=firstname.lastname,ou=People,dc=foo,dc=bar
and not only as firstname.lastname.

We can see, that the qmail-ldap / qmailgroup search for the specified
user (complete DN). 

Question: is there a way (maybe a configuration parameter) to make
sub-search for uid and not the complete DN?

thanks 

Daniel
-- 
Daniel Wedewardt
IT Manager | Systems | Operations

Tel +49-30-611035-1711
Fax -49-30-611035-2711
daniel.wedewardt <at> native-instruments.de

NATIVE INSTRUMENTS GmbH
Schlesische Str. 28
10997 Berlin, Germany
http://www.native-instruments.com

***

KORE 2 - the universal sound platform becomes the Super Instrument
=> http://www.native-instruments.com/kore.info

Beatport SYNC - the free audio player with DJ functionality
=> http://www.native-instruments.com/beatportsync.info

->>>>>> NATIVE INSTRUMENTS - The Future of Sound <<<<<<-

Registergericht: Amtsgericht Charlottenburg
Registernummer: HRB 72458
UST.-ID.-Nr. DE 20 374 7747
Geschaeftsfuehrer: Daniel Haver, Stephan Schmitt

Aiko Barz | 10 Jun 20:36 2008
Picon

Re: qmailgroup - memberUid

On Tue, Jun 10, 2008 at 05:33:32PM +0200, Daniel Wedewardt wrote:
> Question: is there a way (maybe a configuration parameter) to make
> sub-search for uid and not the complete DN?

Hi,

are you looking for filtermember like:

filtermember: (&(objectclass=qmailUser)(uid=alice))

So long,
    Aiko
--

-- 
:wq ✉
Daniel Wedewardt | 10 Jun 20:57 2008
Picon

Re: qmailgroup - memberUid

Hi Aiko,

thanks for your answer.

> are you looking for filtermember like:
> filtermember: (&(objectclass=qmailUser)(uid=alice))

Is it a configuration parameter? 
I'm not sure if I got it right: When I set the filtermember (whatever it
is), than the qmail-ldap plugin will search for every user in the groups
"memberUid" attribute? And how can I set a wildcard to replace the
"alice" in your example?

best

Daniel

Scott Ryan | 11 Jun 07:53 2008
Picon

Re: qmailgroup - memberUid

filtermember can be any ldap filter that you can dream up. Just remember the limitation on the result set from the ldap server though. ie. if your ldap server is only configured to return a max of 50 results and you have a mailing list of over 50 recipients, then obviously you will have problems.

filtermember: (&(objectclass=qmailUser)(uid=*))

will return EVERY member tha has the objectclass=qmailUser

On Tue, Jun 10, 2008 at 8:57 PM, Daniel Wedewardt <daniel.wedewardt <at> native-instruments.de> wrote:
Hi Aiko,

thanks for your answer.

> are you looking for filtermember like:
> filtermember: (&(objectclass=qmailUser)(uid=alice))

Is it a configuration parameter?
I'm not sure if I got it right: When I set the filtermember (whatever it
is), than the qmail-ldap plugin will search for every user in the groups
"memberUid" attribute? And how can I set a wildcard to replace the
"alice" in your example?

best


Daniel




--
Scott Ryan

******************************************************
Cheap memory cards - SD / Memory Stick Pro /
MicroSD / USB pen drives / XD cards
From SA's leading online memory card store:
www.bitsandchips.co.za
*****************************************************
Philipp Kolloczek | 11 Jun 10:14 2008
Picon

Redirect Bounces to a "bounce host"

Hello.

I'm searching for something helping to redirect bounce messages
to one or more dedicated servers to send these bounces to remote.

Using qmail-ldap with the rcpt checks and simscan helps us to 
fight "unkown" bounces as spam, but to separate the sending
of bounces from the "normal" platform seems as a good idea.

I've come to a "bounceroutes" patch for main qmail, which I guess
is actually not included in qmail-ldap.

Has someone of you integrated that patch to qmail-ldap and/or
some experience with using it?

As I read it, it redirect bounces using qmail-remote an smtp
to a dedicated host using a bounceroutes control file similar
to smtproutes.

What about replacing smtp with qmqpc/d in an installation 
using qmail-ldap on the normal platform and pure qmail on
the bouncehost(s) as a bouncehost does not need more than
the local postmaster...(?)

Thanks
Phil.

Daniel Wedewardt | 12 Jun 11:09 2008
Picon

Re: qmailgroup - memberUid

Hello  <at> all,

Thanks for your replies, but the problem still exist.

In short: We want to make use of the field memberUid, 
which is not part of the qmail schema.  Apparently, we 
only can use a full DN as value in this field. 
But for other purposes, the field only works with a "uid". 

Wen don't want to use the field rfc822member in the groups, 
because this contains the email addresses themselves (which 
is harder to maintain). 

Is it possible to solve this isse? 

Details: 

We are using qmail-ldap-1.03-20060201 in a productive 
environment. 
The group entry testgroup is also member of posixGroup: 

$ ldapsearch -xW -b .... uid=testgroup 

dn: cn=testgroup,ou=Groups,dc=.... 
objectClass: top 
objectClass: qmailUser 
objectClass: qmailGroup 
objectClass: posixGroup 
cn: testgroup 
uid: testgroup 
qmailGID: 999 
qmailUID: 999 
gidNumber: 1111 
mailMessageStore: /var/spool/mail/testgroup 
mail: testgroup <at> .... 
mailAlternateAddress: testgroup-catchall <at> .... 
memberUid: uid=mein.name,ou=systemuser,ou=People,dc=.... 

that is, memberUid is not in the qmail schema.  Interestingly
qmail-group 
can resolve this anyway, if the field contains a full DN. 
Here the slapd log when a mail is delivered: 

testgroup is searched: 

Jun 11 17:20:12 maildir01 slapd[28907]: conn=31944 op=1 SRCH
base="dc=native-instruments,dc=de" scope=2 deref=0

filter="(|(mail=testgroup <at> native-instruments.de)(mailAlternateAddress=testgroup <at> native-instruments.de))" 
Jun 11 17:20:12 maildir01 slapd[28907]: conn=31944 op=1 SRCH attr=uid
qmailUID qmailGID accountStatus mailHost 
                mailMessageStore nohomeDirectory mailQuotaSize
mailQuotaCount mailForwardingAddress deliveryProgramPath 
                deliveryMode mailReplyText qmailDotMode mailSizeMax
objectClass 
Jun 11 17:20:12 maildir01 slapd[28907]: conn=31944 op=1 SEARCH RESULT
tag=101 err=0 nentries=1 text= 

Jun 11 17:20:12 maildir01 slapd[28907]: conn=31945 op=1 SRCH
base="cn=testgroup,ou=Groups,dc=native-instruments,dc=de" 
                scope=0 deref=0 filter="(objectClass=*)" 
Jun 11 17:20:12 maildir01 slapd[28907]: conn=31945 op=1 SRCH
attr=senderconfirm membersonly confirmtext moderatortext 
                dnmoderator rfc822moderator memberUid rfc822member
filtermember dnsender rfc822sender filtersender bounceadmin 
Jun 11 17:20:12 maildir01 slapd[28907]: conn=31945 op=1 SEARCH RESULT
tag=101 err=0 nentries=1 text= 

it currently contains one entry, mein.name: 

Jun 11 17:20:12 maildir01 slapd[28907]: conn=31947 op=1 SRCH
base="uid=mein.name,ou=systemuser,ou=People,dc=native-instruments,dc=de" 
                scope=0 deref=0 filter="(objectClass=*)" 
Jun 11 17:20:12 maildir01 slapd[28907]: conn=31947 op=1 SRCH attr=mail 
Jun 11 17:20:12 maildir01 slapd[28907]: conn=31947 op=1 SEARCH RESULT
tag=101 err=0 nentries=1 text= 

Jun 11 17:20:12 maildir01 slapd[28907]: conn=31948 op=1 SRCH
base="dc=native-instruments,dc=de" scope=2 deref=0

filter="(|(mail=mein.name <at> native-instruments.de)(mailAlternateAddress=mein.name <at> native-instruments.de))" 
Jun 11 17:20:12 maildir01 slapd[28907]: conn=31948 op=1 SRCH attr=uid
qmailUID qmailGID accountStatus mailHost mailMessageStore 
                nohomeDirectory mailQuotaSize mailQuotaCount
mailForwardingAddress deliveryProgramPath deliveryMode mailReplyText 
                qmailDotMode mailSizeMax objectClass 
Jun 11 17:20:12 maildir01 slapd[28907]: conn=31948 op=1 SEARCH RESULT
tag=101 err=0 nentries=1 text= 

It might be working by coincidence, because the memberUid is used as
base? 
qmail-ldaplookup doesn't help when debugging, because it seems to
ignore 
memberUid completely. 

Now - if memberUid is changed from
uid=mein.name,ou=systemuser,ou=People,dc=.... 
to uid=mein.name, the result is emtpy (because this uid was not used as
filter?) 

Jun 11 17:24:45 maildir01 slapd[28907]: conn=32152 op=1 SRCH
base="uid=mein.name" scope=0 deref=0 filter="(objectClass=*)" 
Jun 11 17:24:45 maildir01 slapd[28907]: conn=32152 op=1 SRCH attr=mail 
Jun 11 17:24:45 maildir01 slapd[28907]: conn=32152 op=1 SEARCH RESULT
tag=101 err=32 nentries=0 text= 
Jun 11 17:24:45 maildir01 slapd[28907]: conn=32152 op=2 UNBIND 

If filtermember is set, this is used in a separate search and not
combined 
in an appropriate way.  (and this yields all qmailUsers) 

slapd log: 

Jun 11 17:46:12 maildir01 slapd[28907]: conn=33181 op=1 SRCH
base="uid=mein.name" scope=0 deref=0 filter="(objectClass=*)" 
Jun 11 17:46:12 maildir01 slapd[28907]: conn=33181 op=1 SRCH attr=mail 
Jun 11 17:46:12 maildir01 slapd[28907]: conn=33181 op=1 SEARCH RESULT
tag=101 err=32 nentries=0 text= 

Jun 11 17:46:12 maildir01 slapd[28907]: conn=33181 op=2 SRCH
base="dc=native-instruments,dc=de" scope=2 deref=0
filter="(&(objectClass=qmailUser)(uid=*))" 
Jun 11 17:46:12 maildir01 slapd[28907]: conn=33181 op=2 SRCH attr=mail 
Jun 11 17:46:12 maildir01 slapd[28907]: conn=33181 op=2 SEARCH RESULT
tag=101 err=0 nentries=1415 text= 

for the sake of completeness: no more lookups occur, 
that is, qmail doesn't deliver to mein.name: 

2008-06-11 17:46:12.189839500 starting delivery 462611: msg 234883259 to
local testgroup <at> .... 
2008-06-11 17:46:12.189846500 status: local 1/100 remote 0/100 
2008-06-11 17:46:12.284352500 delivery 462611: deferral:
qmail-group:_fatal:_expand_group_attr:_filtermember:_too_many_objects/ 
2008-06-11 17:46:12.284360500 status: local 0/100 remote 0/100 

Best 

Daniel

Scott Ryan | 12 Jun 11:44 2008
Picon

Re: qmailgroup - memberUid

What it looks like to me (just a guess) is that qmail-group is dereferencing the uidMember attribute because it is populated with a complete dn. According to our inhouse ldap expert this is a bug on the client side (qmail-group) as the schema definition for the uidMember attribute should not allow full dn's as attribute values.

why not use

dnmember:
 Example:
  dnmember: uid=joe,ou=example,o=qmail-ldap,c=CH

From /var/qmail/doc/QLDAPGROUP:

dnmember:
filtermember:
rfc822member:
  Members of the group are specified by these attributes. It is possible to
  specify a member by a LDAP distinguish name, a LDAP filter definiton or by
  a rfc822 email address.
 Example:
  dnmember: uid=joe,ou=example,o=qmail-ldap,c=CH
  filetrmember: ((objectclass=qmailUser)(employeeType=accountant))
  rfc822member: alice <at> qmail-ldap.org

That should work for your purposes.

On Thu, Jun 12, 2008 at 11:09 AM, Daniel Wedewardt <daniel.wedewardt <at> native-instruments.de> wrote:
Hello <at> all,

Thanks for your replies, but the problem still exist.

In short: We want to make use of the field memberUid,
which is not part of the qmail schema.  Apparently, we
only can use a full DN as value in this field.
But for other purposes, the field only works with a "uid".

Wen don't want to use the field rfc822member in the groups,
because this contains the email addresses themselves (which
is harder to maintain).

Is it possible to solve this isse?

Details:

We are using qmail-ldap-1.03-20060201 in a productive
environment.
The group entry testgroup is also member of posixGroup:

$ ldapsearch -xW -b .... uid=testgroup

dn: cn=testgroup,ou=Groups,dc=....
objectClass: top
objectClass: qmailUser
objectClass: qmailGroup
objectClass: posixGroup
cn: testgroup
uid: testgroup
qmailGID: 999
qmailUID: 999
gidNumber: 1111
mailMessageStore: /var/spool/mail/testgroup
mail: testgroup <at> ....
mailAlternateAddress: testgroup-catchall <at> ....
memberUid: uid=mein.name,ou=systemuser,ou=People,dc=....


that is, memberUid is not in the qmail schema.  Interestingly
qmail-group
can resolve this anyway, if the field contains a full DN.
Here the slapd log when a mail is delivered:

testgroup is searched:

Jun 11 17:20:12 maildir01 slapd[28907]: conn=31944 op=1 SRCH
base="dc=native-instruments,dc=de" scope=2 deref=0

filter="(|(mail=testgroup <at> native-instruments.de)(mailAlternateAddress=testgroup <at> native-instruments.de))"
Jun 11 17:20:12 maildir01 slapd[28907]: conn=31944 op=1 SRCH attr=uid
qmailUID qmailGID accountStatus mailHost
               mailMessageStore nohomeDirectory mailQuotaSize
mailQuotaCount mailForwardingAddress deliveryProgramPath
               deliveryMode mailReplyText qmailDotMode mailSizeMax
objectClass
Jun 11 17:20:12 maildir01 slapd[28907]: conn=31944 op=1 SEARCH RESULT
tag=101 err=0 nentries=1 text=

Jun 11 17:20:12 maildir01 slapd[28907]: conn=31945 op=1 SRCH
base="cn=testgroup,ou=Groups,dc=native-instruments,dc=de"
               scope=0 deref=0 filter="(objectClass=*)"
Jun 11 17:20:12 maildir01 slapd[28907]: conn=31945 op=1 SRCH
attr=senderconfirm membersonly confirmtext moderatortext
               dnmoderator rfc822moderator memberUid rfc822member
filtermember dnsender rfc822sender filtersender bounceadmin
Jun 11 17:20:12 maildir01 slapd[28907]: conn=31945 op=1 SEARCH RESULT
tag=101 err=0 nentries=1 text=

it currently contains one entry, mein.name:

Jun 11 17:20:12 maildir01 slapd[28907]: conn=31947 op=1 SRCH
base="uid=mein.name,ou=systemuser,ou=People,dc=native-instruments,dc=de"
               scope=0 deref=0 filter="(objectClass=*)"
Jun 11 17:20:12 maildir01 slapd[28907]: conn=31947 op=1 SRCH attr=mail
Jun 11 17:20:12 maildir01 slapd[28907]: conn=31947 op=1 SEARCH RESULT
tag=101 err=0 nentries=1 text=

Jun 11 17:20:12 maildir01 slapd[28907]: conn=31948 op=1 SRCH
base="dc=native-instruments,dc=de" scope=2 deref=0

filter="(|(mail=mein.name <at> native-instruments.de)(mailAlternateAddress=mein.name <at> native-instruments.de))"
Jun 11 17:20:12 maildir01 slapd[28907]: conn=31948 op=1 SRCH attr=uid
qmailUID qmailGID accountStatus mailHost mailMessageStore
               nohomeDirectory mailQuotaSize mailQuotaCount
mailForwardingAddress deliveryProgramPath deliveryMode mailReplyText
               qmailDotMode mailSizeMax objectClass
Jun 11 17:20:12 maildir01 slapd[28907]: conn=31948 op=1 SEARCH RESULT
tag=101 err=0 nentries=1 text=


It might be working by coincidence, because the memberUid is used as
base?
qmail-ldaplookup doesn't help when debugging, because it seems to
ignore
memberUid completely.

Now - if memberUid is changed from
uid=mein.name,ou=systemuser,ou=People,dc=....
to uid=mein.name, the result is emtpy (because this uid was not used as
filter?)


Jun 11 17:24:45 maildir01 slapd[28907]: conn=32152 op=1 SRCH
base="uid=mein.name" scope=0 deref=0 filter="(objectClass=*)"
Jun 11 17:24:45 maildir01 slapd[28907]: conn=32152 op=1 SRCH attr=mail
Jun 11 17:24:45 maildir01 slapd[28907]: conn=32152 op=1 SEARCH RESULT
tag=101 err=32 nentries=0 text=
Jun 11 17:24:45 maildir01 slapd[28907]: conn=32152 op=2 UNBIND

If filtermember is set, this is used in a separate search and not
combined
in an appropriate way.  (and this yields all qmailUsers)

slapd log:

Jun 11 17:46:12 maildir01 slapd[28907]: conn=33181 op=1 SRCH
base="uid=mein.name" scope=0 deref=0 filter="(objectClass=*)"
Jun 11 17:46:12 maildir01 slapd[28907]: conn=33181 op=1 SRCH attr=mail
Jun 11 17:46:12 maildir01 slapd[28907]: conn=33181 op=1 SEARCH RESULT
tag=101 err=32 nentries=0 text=

Jun 11 17:46:12 maildir01 slapd[28907]: conn=33181 op=2 SRCH
base="dc=native-instruments,dc=de" scope=2 deref=0
filter="(&(objectClass=qmailUser)(uid=*))"
Jun 11 17:46:12 maildir01 slapd[28907]: conn=33181 op=2 SRCH attr=mail
Jun 11 17:46:12 maildir01 slapd[28907]: conn=33181 op=2 SEARCH RESULT
tag=101 err=0 nentries=1415 text=

for the sake of completeness: no more lookups occur,
that is, qmail doesn't deliver to mein.name:

2008-06-11 17:46:12.189839500 starting delivery 462611: msg 234883259 to
local testgroup <at> ....
2008-06-11 17:46:12.189846500 status: local 1/100 remote 0/100
2008-06-11 17:46:12.284352500 delivery 462611: deferral:
qmail-group:_fatal:_expand_group_attr:_filtermember:_too_many_objects/
2008-06-11 17:46:12.284360500 status: local 0/100 remote 0/100

Best


Daniel




--
Scott Ryan

******************************************************
Cheap memory cards - SD / Memory Stick Pro /
MicroSD / USB pen drives / XD cards
From SA's leading online memory card store:
www.bitsandchips.co.za
*****************************************************
Carlos García Gómez | 19 Jun 12:06 2008

delivery X: deferral: Connected_to_IP.IP.IP.IP_but_connection_died._(#4.4.2)

Hello,

I have a problem to send any messages ( SMTP OUT ). I´m sure is smtp out 
because I don´t have any Maildirs. (SMTP IN)

Sometimes in qmail-send log I see this message:

delivery X: deferral: Connected_to_IP.IP.IP.IP_but_connection_died._(#4.4.2)

It´s likely a problem with qmail-remote but I´m not sure.

Any Ideas?


Gmane