Zarafa Exim4 integration

From Zarafa wiki

m (Reverted edits by Ynypokizek (talk) to last revision by Jneumann)

Revision as of 09:11, 24 November 2010

The following Exim configuration will integrate Exim with the internal Zarafa user database for alias checking and SMTP authentication.

Please note that this setup only works with the DB user plugin. The Unix and LDAP plugins will not work correctly with this config.

Configure Exim as a server with the following command, define the domains you host, and make sure to select the "split" method for the configuration files.

 dpkg-reconfigure exim4-config

Create the file /etc/exim4/conf.d/auth/40_zarafa_smtp and add the following lines:

  # authenticators for SMTP AUTH with zarafa db
  #
  auth_plain:
          driver              = plaintext
          public_name         = PLAIN
          server_prompts      = :
          # don't send password over unencrypted connections
          server_advertise_condition = ${if eq{$tls_cipher}{}{0}{1}}
          server_condition    = ${lookup mysql{ZARAFA_PLAIN}{1}{0}}
          server_set_id       = $auth2
  #
  auth_login:
          driver              = plaintext
          public_name         = LOGIN
          server_prompts      = "Username:: : Password::"
          # don't send password over unencrypted connections
          server_advertise_condition = ${if eq{$tls_cipher}{}{0}{1}}
          server_condition    = ${lookup mysql{ZARAFA_LOGIN}{1}{0}}
          server_set_id       = $auth1

Create the file /etc/exim4/conf.d/main/100_zarafa_mysql and add the following lines:

  # mysql settings for recipient verify and authentication
  #
  MYSQL_SERVER             = localhost
  MYSQL_DB                 = zarafa
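  # the queries below only read `objectproperty`; a dedicated MySQL account
  # with SELECT-only rights and a password is preferable to root
  MYSQL_USER               = root
  MYSQL_PASS               = 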
  #
  ZARAFA_USER = SELECT DISTINCT `value` FROM `objectproperty` WHERE \
                propname = 'loginname' \
                AND objectid = (SELECT DISTINCT(`objectid`) FROM `objectproperty` WHERE \
                value = '${quote_mysql:$local_part@$domain}')
  #
  # $auth1..$auth3 are supplied by the SMTP client, so they are escaped with
  # quote_mysql before being placed in the query (as ZARAFA_USER does above)
  ZARAFA_PLAIN = SELECT DISTINCT `objectid` FROM `objectproperty` WHERE \
                 objectid = (SELECT DISTINCT(`objectid`) FROM `objectproperty` WHERE \
                 `propname` = 'loginname' AND `value` = '${quote_mysql:$auth2}') \
                 AND `propname` = 'password' \
                 AND `value` = CONCAT(SUBSTR(`value`, 1, 8), \
                 MD5(CONCAT(SUBSTR(`value`, 1, 8), '${quote_mysql:$auth3}')))
  #
  ZARAFA_LOGIN = SELECT DISTINCT `objectid` FROM `objectproperty` WHERE \
                 objectid = (SELECT DISTINCT(`objectid`) FROM `objectproperty` WHERE \
                 `propname` = 'loginname' AND `value` = '${quote_mysql:$auth1}') \
                 AND `propname` = 'password' \
                 AND `value` = CONCAT(SUBSTR(`value`, 1, 8), \
                 MD5(CONCAT(SUBSTR(`value`, 1, 8), '${quote_mysql:$auth2}')))
  #
  hide mysql_servers = MYSQL_SERVER/MYSQL_DB/MYSQL_USER/MYSQL_PASS
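
The comparison that ZARAFA_PLAIN and ZARAFA_LOGIN perform, as an added example that is not part of the wiki page or of Zarafa: the ZARAFA_LOGIN query run against an in-memory SQLite table, with MD5 and CONCAT registered as helper functions. The users, salts and passwords are constructed, the stored layout (8-character prefix followed by the MD5 hex of prefix plus password) is read off the query itself, and the credentials are passed as bound parameters, the role quote_mysql plays in ZARAFA_USER.

```python
import hashlib
import sqlite3

# ZARAFA_LOGIN from the page, with Exim's $auth1/$auth2 replaced by bound
# parameters so the login and password can never alter the SQL text.
ZARAFA_LOGIN = """
SELECT DISTINCT `objectid` FROM `objectproperty` WHERE
  objectid = (SELECT DISTINCT(`objectid`) FROM `objectproperty` WHERE
              `propname` = 'loginname' AND `value` = ?)
  AND `propname` = 'password'
  AND `value` = CONCAT(SUBSTR(`value`, 1, 8),
                       MD5(CONCAT(SUBSTR(`value`, 1, 8), ?)))
"""

def md5_hex(text):
    return hashlib.md5(text.encode("utf-8")).hexdigest()

def stored_password(salt, password):
    """Layout the query expects: 8-char prefix + MD5 hex of (prefix + password)."""
    if len(salt) != 8:
        raise ValueError("the query treats exactly the first 8 characters as salt")
    return salt + md5_hex(salt + password)

def make_db():
    """In-memory stand-in for the zarafa database; all rows are constructed."""
    db = sqlite3.connect(":memory:")
    db.create_function("MD5", 1, md5_hex)  # SQLite has no MD5() of its own
    db.create_function("CONCAT", -1, lambda *parts: "".join(parts))
    db.execute("CREATE TABLE objectproperty (objectid INT, propname TEXT, value TEXT)")
    db.executemany("INSERT INTO objectproperty VALUES (?, ?, ?)", [
        (1, "loginname", "alice"),
        (1, "password", stored_password("a1b2c3d4", "correct horse")),
        (2, "loginname", "bob"),
        (2, "password", stored_password("0f9e8d7c", "battery staple")),
    ])
    return db

def server_condition(db, login, password):
    """Mirror ${lookup mysql{ZARAFA_LOGIN}{1}{0}}: 1 if a row comes back, else 0."""
    return 1 if db.execute(ZARAFA_LOGIN, (login, password)).fetchone() else 0

if __name__ == "__main__":
    db = make_db()
    for login, pw in [("alice", "correct horse"), ("alice", "battery staple"),
                      ("alice' OR '1'='1", "x")]:
        print(repr(login), "->", server_condition(db, login, pw))
```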

Create the file /etc/exim4/conf.d/router/700_zarafa_dagent and add the following lines:

  # router for delivery via zarafa-dagent
  #
  zarafa_user:
          debug_print         = "R: zarafa for $local_part@$domain"
          cannot_route_message = no such user
          driver              = accept
          # In order to deliver messages to a recipient with a suffix like for example user+suffix@zarafa.com,
          # (used in VERP) we need to tell Exim that everything after the plus-sign has to be stripped.
          # After the definition of 'local_part_suffix' 'local_part' does not contain the suffix anymore.
          # Uncomment the next two lines to enable this behaviour.
          #local_part_suffix = +*
          #local_part_suffix_optional
          condition           = ${lookup mysql{ZARAFA_USER} {1}{0}}
          local_parts         = !root
          # specify your local domains which should be delivered to zarafa
          # with "domainlist local_domains    = localhost : yourdomain.com"
          # in main section of exim4.conf
          domains             = +local_domains
          transport           = zarafa_pipe
          require_files       = +/usr/bin/zarafa-dagent
          # !! if you use "verify = recipient" in any ACLs
          # you have to leave "no_verify" and "no_expn" disabled
          # otherwise your ACL will always fail
          #no_verify
          #no_expn

Create the file /etc/exim4/conf.d/transport/30_zarafa_dagent and add the following lines:

  #  transport for delivery via zarafa-dagent
  #
  zarafa_pipe:
          debug_print         = "T: zarafa_pipe for $local_part@$domain"
          driver              = pipe
          path                = "/bin:/usr/bin:/usr/local/bin"
          #command       = "/usr/bin/zarafa-dagent -s $local_part"
          # if the Zarafa login names differ from $local_part, use this command instead
          command = /usr/bin/zarafa-dagent -s "${lookup mysql{ZARAFA_USER} {$value}}"
          return_path_add
          delivery_date_add
          envelope_to_add


Execute the following commands to activate your configuration.

 update-exim4.conf
 /etc/init.d/exim4 restart

Local part affixes and LMTP

As mentioned above in the zarafa_user router, if the local part contains affixes (either suffixes or prefixes), we want these to be stripped from the 'real' part of the local_part. This matters especially for LMTP, which requires the RCPT TO command to name a real local user. Luckily, this is the default behaviour for LMTP in Exim 4.40.

If zarafa-dagent does not accept prefix-username+suffix recipient addresses, check the rcpt_include_affixes setting in your SMTP/LMTP transport: Exim 4.40 generic transport options, http://www.exim.org/exim-html-4.40/doc/html/spec_24.html (see rcpt_include_affixes).
