Also search on the domain name for the virtual domain name in the ldap (Solves: #638) (#642)

Added test to check email delivery for a other domain then the primary of the mailserver.
2024-11-18 00:43:49 +01:00 · 2017-08-19 10:32:00 +02:00 · 2017-08-19 10:32:00 +02:00 · 04904e77c4
commit 04904e77c4
parent 9e7959fafe
7 changed files with 89 additions and 3 deletions
--- a/2
+++ b/2
@ -113,7 +113,7 @@ RUN sed -i -e 's/include_try \/usr\/share\/dovecot\/protocols\.d/include_try \/e

 # Configures LDAP
 COPY target/dovecot/dovecot-ldap.conf.ext /etc/dovecot
-COPY target/postfix/ldap-users.cf target/postfix/ldap-groups.cf target/postfix/ldap-aliases.cf /etc/postfix/
+COPY target/postfix/ldap-users.cf target/postfix/ldap-groups.cf target/postfix/ldap-aliases.cf target/postfix/ldap-domains.cf /etc/postfix/

 # Enables Spamassassin CRON updates
 RUN sed -i -r 's/^(CRON)=0/\1=1/g' /etc/default/spamassassin
--- a/1
+++ b/1
@ -116,6 +116,7 @@ run:
 		-e LDAP_QUERY_FILTER_USER="(&(mail=%s)(mailEnabled=TRUE))" \
 		-e LDAP_QUERY_FILTER_GROUP="(&(mailGroupMember=%s)(mailEnabled=TRUE))" \
 		-e LDAP_QUERY_FILTER_ALIAS="(&(mailAlias=%s)(mailEnabled=TRUE))" \
+		-e LDAP_QUERY_FILTER_DOMAIN="(&(|(mail=*@%s)(mailalias=*@%s)(mailGroupMember=*@%s))(mailEnabled=TRUE))" \
 		-e DOVECOT_PASS_FILTER="(&(objectClass=PostfixBookMailAccount)(uniqueIdentifier=%n))" \
 		-e DOVECOT_USER_FILTER="(&(objectClass=PostfixBookMailAccount)(uniqueIdentifier=%n))" \
 		-e ENABLE_SASLAUTHD=1 \
--- a/target/postfix/ldap-domains.cf
+++ b/target/postfix/ldap-domains.cf
@ -0,0 +1,8 @@
+bind             = yes
+bind_dn          = cn=admin,dc=domain,dc=com
+bind_pw          = admin
+query_filter     = (&(|(mail=*@%s)(mailalias=*@%s))(mailEnabled=TRUE))
+result_attribute = mail
+search_base      = ou=people,dc=domain,dc=com
+server_host      = mail.domain.com
+version          = 3
--- a/target/start-mailserver.sh
+++ b/target/start-mailserver.sh
@ -525,7 +525,7 @@ function _setup_ldap() {

 	notify 'inf' 'Checking for custom configs'
 	# cp config files if in place
-	for i in 'users' 'groups' 'aliases'; do
+	for i in 'users' 'groups' 'aliases' 'domains'; do
 	    fpath="/tmp/docker-mailserver/ldap-${i}.cf"
 	    if [ -f $fpath ]; then
 		cp ${fpath} /etc/postfix/ldap-${i}.cf
@ -533,11 +533,12 @@ function _setup_ldap() {
 	done

 	notify 'inf' 'Starting to override configs'
-	for f in /etc/postfix/ldap-users.cf /etc/postfix/ldap-groups.cf /etc/postfix/ldap-aliases.cf
+	for f in /etc/postfix/ldap-users.cf /etc/postfix/ldap-groups.cf /etc/postfix/ldap-aliases.cf /etc/postfix/ldap-domains.cf
 	do
 		[[ $f =~ ldap-user ]] && export LDAP_QUERY_FILTER="${LDAP_QUERY_FILTER_USER}"
 		[[ $f =~ ldap-group ]] && export LDAP_QUERY_FILTER="${LDAP_QUERY_FILTER_GROUP}"
 		[[ $f =~ ldap-aliases ]] && export LDAP_QUERY_FILTER="${LDAP_QUERY_FILTER_ALIAS}"
+		[[ $f =~ ldap-domains ]] && export LDAP_QUERY_FILTER="${LDAP_QUERY_FILTER_DOMAIN}"
 		configomat.sh "LDAP_" "${f}"
 	done

@ -571,6 +572,10 @@ function _setup_ldap() {
 		postconf -e "virtual_mailbox_maps = ldap:/etc/postfix/ldap-users.cf" || \
 		notify 'inf' "==> Warning: /etc/postfix/ldap-user.cf not found"

+	[ -f /etc/postfix/ldap-domains.cf ] && \
+		postconf -e "virtual_mailbox_domains = /etc/postfix/vhost, ldap:/etc/postfix/ldap-domains.cf" || \
+		notify 'inf' "==> Warning: /etc/postfix/ldap-domains.cf not found"
+
 	[ -f /etc/postfix/ldap-aliases.cf -a -f /etc/postfix/ldap-groups.cf ] && \
 		postconf -e "virtual_alias_maps = ldap:/etc/postfix/ldap-aliases.cf, ldap:/etc/postfix/ldap-groups.cf" || \
 		notify 'inf' "==> Warning: /etc/postfix/ldap-aliases.cf or /etc/postfix/ldap-groups.cf not found"
--- a/test/docker-openldap/bootstrap/ldif/03_user-email-other-primary-domain.ldif
+++ b/test/docker-openldap/bootstrap/ldif/03_user-email-other-primary-domain.ldif
@ -0,0 +1,25 @@
+# --------------------------------------------------------------------
+# Create mail accounts
+# --------------------------------------------------------------------
+# Some User
+dn: uniqueIdentifier=some.other.user,ou=people,dc=localhost,dc=localdomain
+changetype: add
+objectClass: organizationalPerson
+objectClass: person
+objectClass: top
+objectClass: PostfixBookMailAccount
+objectClass: extensibleObject
+cn: Some Other User
+givenName: Other User
+mail: some.other.user@localhost.otherdomain
+mailAlias: postmaster@localhost.otherdomain
+mailGroupMember: employees@localhost.otherdomain
+mailEnabled: TRUE
+mailGidNumber: 5000
+mailHomeDirectory: /var/mail/localhost.localdomain/some.other.user/
+mailQuota: 10240
+mailStorageDirectory: maildir:/var/mail/localhost.localdomain/some.other.user/
+mailUidNumber: 5000
+sn: Some
+uniqueIdentifier: some.other.user
+userPassword: {SSHA}eLtqGpid+hkSVhxvsdTPztv4uapRofGx
--- a/test/docker-openldap/bootstrap/ldif/04_user-email-different-uid.ldif
+++ b/test/docker-openldap/bootstrap/ldif/04_user-email-different-uid.ldif
@ -0,0 +1,23 @@
+# --------------------------------------------------------------------
+# Create mail accounts
+# --------------------------------------------------------------------
+# Some User
+dn: uniqueIdentifier=some.user.id,ou=people,dc=localhost,dc=localdomain
+changetype: add
+objectClass: organizationalPerson
+objectClass: person
+objectClass: top
+objectClass: PostfixBookMailAccount
+objectClass: extensibleObject
+cn: Some User
+givenName: User
+mail: some.user.email@localhost.localdomain
+mailEnabled: TRUE
+mailGidNumber: 5000
+mailHomeDirectory: /var/mail/localhost.localdomain/some.user.id/
+mailQuota: 10240
+mailStorageDirectory: maildir:/var/mail/localhost.localdomain/some.user.id/
+mailUidNumber: 5000
+sn: Some
+uniqueIdentifier: some.user.id
+userPassword: {SSHA}eLtqGpid+hkSVhxvsdTPztv4uapRofGx
--- a/test/tests.bats
+++ b/test/tests.bats
@ -1051,6 +1051,22 @@ load 'test_helper/bats-assert/load'
  run docker exec mail_with_ldap /bin/sh -c "postmap -q employees@localhost.localdomain ldap:/etc/postfix/ldap-groups.cf"
  assert_success
  assert_output "some.user@localhost.localdomain"
+
+  # Test of the user part of the domain is not the same as the uniqueIdentifier part in the ldap
+  run docker exec mail_with_ldap /bin/sh -c "postmap -q some.user.email@localhost.localdomain ldap:/etc/postfix/ldap-users.cf"
+  assert_success
+  assert_output "some.user.email@localhost.localdomain"
+
+  # Test email receiving from a other domain then the primary domain of the mailserver
+  run docker exec mail_with_ldap /bin/sh -c "postmap -q some.other.user@localhost.otherdomain ldap:/etc/postfix/ldap-users.cf"
+  assert_success
+  assert_output "some.other.user@localhost.otherdomain"
+  run docker exec mail_with_ldap /bin/sh -c "postmap -q postmaster@localhost.otherdomain ldap:/etc/postfix/ldap-aliases.cf"
+  assert_success
+  assert_output "some.other.user@localhost.otherdomain"
+  run docker exec mail_with_ldap /bin/sh -c "postmap -q employees@localhost.otherdomain ldap:/etc/postfix/ldap-groups.cf"
+  assert_success
+  assert_output "some.other.user@localhost.otherdomain"
 }

@test "checking postfix: ldap custom config files copied" {
@ -1099,6 +1115,14 @@ load 'test_helper/bats-assert/load'
  assert_output 1
 }

+@test "checking dovecot: ldap mail delivery works for a different domain then the mailserver" {
+  run docker exec mail_with_ldap /bin/sh -c "sendmail -f user@external.tld some.other.user@localhost.otherdomain < /tmp/docker-mailserver-test/email-templates/test-email.txt"
+  sleep 10
+  run docker exec mail_with_ldap /bin/sh -c "ls -A /var/mail/localhost.localdomain/some.other.user/new | wc -l"
+  assert_success
+  assert_output 1
+}
+
@test "checking dovecot: ldap config overwrites success" {
  run docker exec mail_with_ldap /bin/sh -c "grep 'hosts = ldap' /etc/dovecot/dovecot-ldap.conf.ext"
  assert_success