+ldapvmail (0.3) unstable; urgency=low
+
+ * web interface first wersion
+
+ -- Peter Popovec <popovec@zubok> Fri, 23 Sep 2005 08:01:26 +0200
+
ldapvmail (0.2.1) unstable; urgency=low
* admin password, new implementation
--- /dev/null
+/etc/ldapVmail/config.php
--- /dev/null
+#!/bin/sh
+
+set -e
+
+#export DEBCONF_DEBUG=developer
+
+. /usr/share/debconf/confmodule
+
+db_version 2.0
+
+# Following lend from phpmyadmin's postinst
+db_get ldapVmail/httpd
+webservers="$RET"
+
+for webserver in $webservers; do
+ webserver=${webserver%,}
+ if [ -e /etc/$webserver/httpd.conf ] && [ ! -e /etc/$webserver/ldapVmail.conf ]; then
+ mkdir -p /etc/$webserver/conf.d
+ ln -sf /etc/ldapVmail/apache.conf /etc/$webserver/conf.d/ldapVmail.conf
+ if [ -h /etc/$webserver/conf.d/ldapVmail ]; then
+ rm -f /etc/$webserver/conf.d/ldapVmail
+ fi
+ fi
+done
+
# Add here commands to install the package into debian/ldapvmail.
$(MAKE) install DESTDIR=$(CURDIR)/debian/ldapvmail
-
+ (cd web ; cp -a . $(CURDIR)/debian/ldapvmail)
# Build architecture-independent files here.
binary-indep: build install
--- /dev/null
+##VERSION: $Id: authdaemonrc.in,v 1.8 2001/10/07 02:16:22 mrsam Exp $
+#
+# Copyright 2000-2001 Double Precision, Inc. See COPYING for
+# distribution information.
+#
+# authdaemonrc created from authdaemonrc.dist by sysconftool
+#
+# Do not alter lines that begin with ##, they are used when upgrading
+# this configuration.
+#
+# This file configures authdaemond, the resident authentication daemon.
+#
+# Comments in this file are ignored. Although this file is intended to
+# be sourced as a shell script, authdaemond parses it manually, so
+# the acceptable syntax is a bit limited. Multiline variable contents,
+# with the \ continuation character, are not allowed. Everything must
+# fit on one line. Do not use any additional whitespace for indentation,
+# or anything else.
+
+##NAME: authmodulelist:0
+#
+# The authentication modules that are linked into authdaemond. The
+# default list is installed. You may selectively disable modules simply
+# by removing them from the following list. The available modules you
+# can use are: authcustom authcram authuserdb authldap authmysql authpam
+
+authmodulelist="authldap"
+
+##NAME: authmodulelistorig:1
+#
+# This setting is used by Courier's webadmin module, and should be left
+# alone
+
+authmodulelistorig="authcustom authcram authuserdb authldap authmysql authmysql authpam"
+
+##NAME: daemons:0
+#
+# The number of daemon processes that are started. authdaemon is typically
+# installed where authentication modules are relatively expensive: such
+# as authldap, or authmysql, so it's better to have a number of them
+running.
+# PLEASE NOTE: Some platforms may experience a problem if there's more than
+# one daemon. Specifically, SystemV derived platforms that use TLI with
+# socket emulation. I'm suspicious of TLI's ability to handle multiple
+# processes accepting connections on the same filesystem domain socket.
+#
+# You may need to increase daemons if as your system load increases.
+Symptoms
+# include sporadic authentication failures. If you start getting
+# authentication failures, increase daemons. However, the default of 5
+# SHOULD be sufficient. Bumping up daemon count is only a short-term
+# solution. The permanent solution is to add more resources: RAM, faster
+# disks, faster CPUs...
+
+daemons=5
+
+##NAME: version:0
+#
+# When you have multiple versions of authdaemond.* installed, authdaemond
+# just picks the first one it finds. Set "version" to override that.
+# For example: version=authdaemond.plain
+
+version=""
+
+##NAME: authdaemonvar:0
+#
+# authdaemonvar is here, but is not used directly by authdaemond. It's
+# used by various configuration and build scripts, so don't touch it!
+
+authdaemonvar=/var/run/courier/authdaemon
--- /dev/null
+##VERSION: $Id: authldaprc,v 1.12 2001/11/19 01:04:17 mrsam Exp $
+#
+# Copyright 2000-2001 Double Precision, Inc. See COPYING for
+# distribution information.
+#
+# Do not alter lines that begin with ##, they are used when upgrading
+# this configuration.
+#
+# authldaprc created from authldaprc.dist by sysconftool
+#
+# DO NOT INSTALL THIS FILE with world read permissions. This file
+# might contain the LDAP admin password!
+#
+# This configuration file specifies LDAP authentication parameters
+#
+# The format of this file must be as follows:
+#
+# field[spaces|tabs]value
+#
+# That is, the name of the field, followed by spaces or tabs, followed by
+# field value. No trailing spaces.
+#
+# Here are the fields:
+
+##NAME: LOCATION:0
+#
+# Location of your LDAP server:
+
+LDAP_SERVER localhost
+LDAP_PORT 389
+
+##NAME: LDAP_BASEDN:0
+#
+# Look for authentication here:
+
+LDAP_BASEDN o=INFO
+
+##NAME: LDAP_BINDDN:0
+#
+# You may or may not need to specify the following. Because you've got
+# a password here, authldaprc should not be world-readable!!!
+
+LDAP_BINDDN ou=postfix, ou=system,ou=internet, o=demax
+LDAP_BINDPW 1
+
+##NAME: LDAP_TIMEOUT:0
+#
+# Timeout for LDAP search
+
+LDAP_TIMEOUT 5
+
+##NAME: LDAP_AUTHBIND:0
+#
+# Define this to have the ldap server authenticate passwords. If
+LDAP_AUTHBIND
+# the password is validated by rebinding with the supplied userid and
+password.
+# If rebind succeeds, this is considered to be an authenticated request.
+This
+# does not support CRAM-MD5 authentication, which requires userPassword.
+#
+# WARNING - as of the time this note is written, there are memory leaks in
+# OpenLDAP that affect this option, see ITS #1116 in openldap.org's bug
+# tracker. Avoid using this option until these leaks are plugged.
+#
+LDAP_AUTHBIND 1
+
+##NAME: LDAP_MAIL:0
+#
+# Here's the field on which we query
+
+LDAP_MAIL uid
+
+##NAME: LDAP_DOMAIN:0
+#
+# The following default domain will be appended, if not explicitly
+specified.
+#
+# LDAP_DOMAIN example.com
+
+##NAME: LDAP_GLOB_IDS:0
+#
+# The following two variables can be used to set everybody's uid and gid.
+# This is convenient if your LDAP specifies a bunch of virtual mail accounts
+# The values can be usernames or userids:
+#
+LDAP_GLOB_UID 1000
+LDAP_GLOB_GID 1000
+
+##NAME: LDAP_HOMEDIR:0
+#
+# We will retrieve the following attributes
+#
+# The HOMEDIR attribute MUST exist, and we MUST be able to chdir to it
+
+LDAP_HOMEDIR mailMessageStore
+
+##NAME: LDAP_MAILDIR:0
+#
+# The MAILDIR attribute is OPTIONAL, and specifies the location of the
+# mail directory. If not specified, ./Maildir will be used
+
+LDAP_MAILDIR mailMessageStore
+
+##NAME: LDAP_MAILDIRQUOTA:0
+#
+# The following variable, if defined, specifies the field containing the
+# maildir quota, see README.maildirquota for more information
+#
+# LDAP_MAILDIRQUOTA maildirQuota
+
+
+##NAME: LDAP_FULLNAME:0
+#
+# FULLNAME is optional, specifies the user's full name
+
+LDAP_FULLNAME cn
+
+##NAME: LDAP_PW:0
+#
+# CLEARPW is the clear text password. CRYPT is the crypted password.
+# ONE OF THESE TWO ATTRIBUTES IS REQUIRED. If CLEARPW is provided, and
+# libhmac.a is available, CRAM authentication will be possible!
+
+LDAP_CLEARPW clearPassword
+LDAP_CRYPTPW userPassword
+
+##NAME: LDAP_IDS:0
+#
+# Uncomment the following, and modify as appropriate, if your LDAP database
+# stores individual userids and groupids. Otherwise, you must uncomment
+# LDAP_GLOB_UID and LDAP_GLOB_GID above. LDAP_GLOB_UID and LDAP_GLOB_GID
+# specify a uid/gid for everyone. Otherwise, LDAP_UID and LDAP_GID must
+# be defined as attributes for everyone.
+#
+# LDAP_UID uidNumber
+# LDAP_GID gidNumber
+##NAME: LDAP_DEREF:0
+#
+# Determines how aliases are handled during a search. This option is
+available
+# only with OpenLDAP 2.0
+#
+# LDAP_DEREF can be one of the following values:
+# never, searching, finding, always. If not specified, aliases are
+# never dereferenced.
+
+LDAP_DEREF never
+
+##NAME: LDAP_TLS:0
+#
+# Set LDAP_TLS to 1 to enable LDAP over SSL/TLS. Experimental setting.
+# Requires OpenLDAP 2.0
+#
+
+LDAP_TLS 0
+LDAP_FILTER (AccountStatus=active)
--- /dev/null
+/var/run/saslauthd /var/spool/postfix/var/run/saslauthd none bind
+
--- /dev/null
+# see /usr/share/postfix/main.cf.dist for a commented, fuller
+# version of this file.
+
+# Do not change these directory settings - they are critical to Postfix
+# operation.
+command_directory = /usr/sbin
+daemon_directory = /usr/lib/postfix
+program_directory = /usr/lib/postfix
+
+smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
+setgid_group = postdrop
+biff = no
+
+smtpd_use_tls = yes
+smtpd_tls_cert_file = /etc/postfix/ssl/key+cert.pem
+smtpd_tls_key_file = /etc/postfix/ssl/key+cert.pem
+
+smtpd_sasl_auth_enable = yes
+#definuj k tomu /etc/default/saslauthd...
+smtpd_sasl_application_name = smtpd
+smtpd_tls_auth_only = yes
+broken_sasl_auth_clients = yes
+smtpd_sasl_security_options = noanonymous
+#nechaj bez domeny, realm bud ziaden alebo podla toho ci ho uzivatel zada
+smtpd_sasl_local_domain =
+
+
+
+
+# appending .domain is the MUA's job.
+append_dot_mydomain = no
+myhostname = mail.DOMAIN.INFO
+alias_maps = hash:/etc/aliases
+alias_database = hash:/etc/aliases
+myorigin = /etc/mailname
+virtual_mailbox_domains =
+ mail.DOMAIN.INFO
+ localhost.DOMAIN.INFO
+ DOMAIN.INFO
+
+relay_domains =
+ SUB.DOMAIN.INFO
+
+#relayhost = 192.168.0.1
+
+transport_maps = hash:/etc/postfix/transport
+
+mynetworks =
+ 127.0.0.0/8
+ 172.29.0.0/24
+
+mailbox_command = /usr/bin/procmail -a "$EXTENSION"
+mailbox_size_limit = 50000000
+message_size_limit = 30000000
+
+recipient_delimiter = +
+
+
+local_transport = virtual
+virtual_mailbox_base = /
+virtual_mailbox_maps = ldap:ldapvirtual
+virtual_uid_maps = static:1000
+virtual_gid_maps = static:1000
+virtual_minimum_uid = 1000
+virtual_mailbox_limit = 50000000
+
+
+ldapvirtual_server_host = localhost
+ldapvirtual_server_port = 389
+ldapvirtual_bind = yes
+ldapvirtual_bind_dn = ou=postfix,ou=system,ou=DOMAIN,ou=INFO
+ldapvirtual_bind_pw = PASSWORD
+ldapvirtual_search_base = ou=vmail,ou=DOMAIN,ou=INFO
+ldapvirtual_query_filter = (&(|(mail=%s)(mailAlternateAddress=%s))(|(AccountStat
+us=active)(accountStatus=shared)))
+ldapvirtual_result_attribute = mailMessageStore
+ldapvirtual_expansion_limit = 1
+
+#nasledujuci riadok musi ostat prazdny, nesmie sa zrusit
+virtual_alias_domains =
+virtual_alias_maps = ldap:ldapalias
+#virtual_maps = ldap:ldapalias
+ldapalias_server_host = localhost
+ldapalias_server_port = 389
+ldapalias_bind = yes
+ldapalias_bind_dn = ou=postfix,ou=system,ou=DOMAIN,ou=INFO
+ldapalias_bind_pw = PASSWORD
+ldapalias_search_base = ou=vmail,ou=DOMAIN,ou=INFO
+ldapalias_query_filter = (&(|(mail=%s)(mailAlternateAddress=%s))(|(AccountStatus
+=active)(AccountStatus=shared)))
+ldapalias_result_attribute = mailForwardingAddress
+
+#acceptdomains_server_host = localhost
+#acceptdomains_server_port = 389
+#acceptdomains_bind = yes
+#acceptdomains_bind_dn = ou=postfix,ou=system,ou=DOMAIN,ou=INFO
+#acceptdomains_bind_pw = PASSWORD
+#acceptdomains_search_base = ou=postfix,ou=system,ou=DOMAIN,ou=INFO
+#acceptdomains_query_filter = (associatedDomain=*)
+#acceptdomains_result_attribute = associatedDomain
+
+#ldapquota_timeout = 10
+#ldapquota_server_host = localhost
+#ldapqouta_server_port = 389
+#ldapquota_bind = yes
+#ldapquota_bind_dn = ou=postfix,ou=system,ou=DOMAIN,ou=INFO
+#ldapquota_bind_pw = PASSWORD
+#ldapquota_search_base = ou=postfix,ou=system,o=demax
+#ldapqouta_domain = mycoll.edu, hash:/etc/postfix/searchdomains
+#ldapquota_query_filter = (&(mail=%s)(accountstatus=active))
+#ldapquota_result_attribute = mailquota
+
+smtpd_recipient_restrictions =
+ reject_non_fqdn_sender
+ reject_non_fqdn_recipient
+ reject_unknown_sender_domain
+ reject_unknown_recipient_domain
+ reject_rbl_client relays.ordb.org
+ reject_rbl_client sbl.spamhaus.org
+ reject_rbl_client xbl.spamhaus.org
+ reject_rbl_client bl.spamcop.net
+ check_policy_service unix:private/policy
+ check_recipient_access hash:/etc/postfix/fullaccess
+ permit_mynetworks
+ reject_sender_login_mismatch
+ permit_sasl_authenticated
+ reject_unauth_destination
+ reject_unauth_pipelining
+ reject_unknown_client
+
+smtpd_sender_restrictions =
+ check_sender_access hash:/etc/postfix/access
+
+smtpd_helo_required = yes
+
+smtpd_helo_restrictions =
+ check_recipient_access hash:/etc/postfix/fullaccess
+ permit_mynetworks
+ permit_sasl_authenticated
+ check_recipient_access hash:/etc/postfix/bad_helo_allowed
+ reject_invalid_hostname
+ reject_non_fqdn_hostname
+ reject_unknown_hostname
+
+smtpd_sender_login_maps = ldap:loginmap
+loginmap_server_host = localhost
+loginmap_version = 3
+loginmap_bind = yes
+loginmap_bind_dn = ou=postfix,ou=system,ou=DOMAIN,ou=INFO
+loginmap_bind_pw = PASSWORD
+loginmap_search_base = ou=vmail,ou=DOMAIN,ou=INFO
+loginmap_query_filter = (|(mail=%s)(mailAlternateAddress=%s))
+#loginmap_query_filter = mail=%s
+loginmap_result_attribute = uid
+loginmap_result_filter = %s
+
+
+#pre vypnutie NOD32 treba zaremovat oba nasledujuce riadky:
+content_filter = smtp:localhost:2526
+receive_override_options = no_address_mappings
--- /dev/null
+Alias /ldapVmail /usr/share/ldapVmail
+
+<Directory /usr/share/ldapVmail>
+ Options Indexes FollowSymLinks
+ <IfModule mod_dir.c>
+ DirectoryIndex index.php
+ </IfModule>
+ SSLRequireSSL
+</Directory>
--- /dev/null
+<?
+$LdapHost="ldap://127.0.0.1";
+$LdapBind="ou=postfix,ou=system,dc=pema-sk,dc=sk";
+$LdapPass="postfixPass";
+$LdapAdmin="cn=Erik Bosak,ou=system,dc=pema-sk,dc=sk";
+$filter="(|(AccountStatus=active)(AccountStatus=shared))";
+$netBase="ou=vmail,ou=internet,dc=pema-sk,dc=sk";
+?>
--- /dev/null
+<html>
+<body>
+<head>
+<META content="text/html; charset=iso-8859-2" http-equiv=Content-Type>
+<style type="text/css">
+.riadok{font-size:14}
+</style>
+</head>
+<body>
+<?
+require("config.php");
+$ds=ldap_connect($LdapHost);
+$r=ldap_bind($ds,$LdapBind,$LdapPass);
+
+$action="browse";
+if(isset($_GET['action']))
+ $action=$_GET['action'];
+if(isset($_POST['action']))
+ $action=$_POST['action'];
+if(isset($_GET['uid']))
+ $uid=$_GET['uid'];
+if(isset($_POST['uid']))
+ $uid=$_POST['uid'];
+
+if(isset($_POST['changepassword']))
+ $action="changepassword";
+
+
+if(isset($uid)){
+$sr=ldap_search($ds,$netBase,"uid=".$uid);
+if ($sr!=NULL) {
+ $info = ldap_get_entries($ds, $sr);
+ #printf("<h2>pop3/imap user: %s</h2>",$info[0]["uid"][0]);
+ #printf ("<pre>");
+ #print_r($info);
+ #printf("%s:",$info[0]["dn"]);
+ $DN=$info[0]["dn"];
+ ldap_free_result($sr);
+ }
+else
+ printf("unknown user %s",$uid);
+}
+#echo $action ;
+#echo $DN ;
+#echo $uid ;
+
+if($action=="edit"){
+printf("user %s edit",$uid);
+}
+
+if($action=="password" && isset($DN))
+{
+printf("<p>Changing password for pop3/imap user <b>%s</b>:</p>",$uid);
+
+?>
+<table>
+<form method="post" name="pass">
+<tr><td>New user password: </td><td><input type="password" name="new1passwd"></td></tr>
+<tr><td>Retype user password: </td><td><input type="password" name="new2passwd"></td></tr>
+<tr><td colspan="2">
+<tr><td>Admin name: </td><td><input name="admin" value="ssss"></td></tr>
+<tr><td>Admin password: </td><td><input type="password" name="adminpasswd"></td></tr>
+<td></tr>
+</table>
+<input type="submit" name="changepassword" value="Change password">
+<input type="hidden" name="uid" value="<?echo $uid ?>"></form>
+<?
+}
+
+if($action=="changepassword" && isset($DN))
+{
+$CRYPT_MD5=1;
+if(strlen($_POST['new1passwd'])<8 )
+ printf("Prilis kratke heslo, ma mat aspon 8 znakov\n");
+else {
+ if($_POST['new1passwd'] != $_POST['new2passwd'])
+ printf("Nove hesla uzivatela sa nezhoduju\n");
+ else {
+ $ds=ldap_connect($LdapHost);
+ $r=@ldap_bind($ds,$_POST['admin'],$_POST['adminpasswd']);
+ if ($r==FALSE)
+ printf("nespravne heslo pre admina\n");
+ else{
+ $infoNew["userpassword"]="{crypt}".crypt($_POST['new1passwd']);
+ #print_r($infoNew);
+ #print $DN ;
+ $r2=@ldap_mod_replace($ds, $DN, $infoNew);
+ if($r2==FALSE)
+ {
+ printf("Nebolo mozne zmenit heslo<br>Server oznamil: [%s]\n",ldap_error($ds));
+ }
+ else
+ printf("Heslo pre uzivatela %s bolo uspesne zmenene\n",$uid);
+ ldap_close($ds);
+ }
+ }
+ }
+}
+
+if($action=="browse")
+{
+$sr=ldap_search($ds,$netBase,$filter);
+if ($sr!=NULL) {
+ldap_sort ($ds, $sr, "uid" );
+$info = ldap_get_entries($ds, $sr);
+#printf ("<pre>");
+#print_r($info);
+
+printf("<table border=0 class=\"riadok\">");
+printf("<tr><th>POP3/IMAP login</th><th>mail</th><th>forward</th></tr>");
+
+$dcolor[0]="cyan";
+$dcolor[1]="lightgreen";
+$dcolor[2]="yellow";
+$dcolor[3]="red";
+
+for($spolu=$index=0;$index<$info["count"];$index++)
+ {
+ printf("<tr><td bgcolor=\"%s\"><a href=\"%s?action=edit&uid=%s\">%s</a></td>",
+ $dcolor[$index % 2 ],
+ $_SERVER["PHP_SELF"],
+ $info[$index]["uid"][0],
+ $info[$index]["uid"][0]);
+ if (0==$info[$index]["mailalternateaddress"]["count"])
+ printf("<td bgcolor=\"%s\" align=right>%s</td>",
+ $dcolor[$index % 2 ],
+ $info[$index]["mail"][0]);
+ else {
+ printf("
+ <td bgcolor=\"%s\" align=\"right\">
+ <form>
+ <select class=\"riadok\">
+ <option>
+ %s
+ </option>
+ ",
+ $dcolor[($index % 2) + $alternate],
+ $info[$index]["mail"][0]);
+ for($i=0;$i<$info[$index]["mailalternateaddress"]["count"];$i++)
+ printf("<option>%s</option>\n",$info[$index]["mailalternateaddress"][$i]);
+ printf("</select></form></td>");
+ }
+ if ($info[$index]["mailforwardingaddress"]["count"]<2)
+ printf("<td bgcolor=\"%s\"> %s</td></tr>\n",
+ $dcolor[$index % 2 ],
+ $info[$index]["mailforwardingaddress"][0]);
+ else {
+ printf("
+ <td bgcolor=\"%s\" align=\"right\">
+ <form>
+ <select class=\"riadok\">",
+ $dcolor[($index % 2) + $alternate]);
+ for($i=0;$i<$info[$index]["mailforwardingaddress"]["count"];$i++)
+ printf("<option>%s</option>\n",$info[$index]["mailforwardingaddress"][$i]);
+ printf("</select></form></td>");
+ }
+ }
+printf ("</table>");
+ldap_free_result($sr);
+}
+}
+?>
+
+
+</body>
+</html>
--- /dev/null
+/etc/ldapVmail/config.php
\ No newline at end of file
projects / ldapvmail / commitdiff