Enhancement #2924

Fetchmail support for AD users

Added by Filippo Carletti almost 7 years ago. Updated over 6 years ago.

Status:CLOSEDStart date:
Priority:NormalDue date:
Assignee:-% Done:

100%

Category:nethserver-fetchmail
Target version:v6.5
Resolution: NEEDINFO:No

Description

fetchmail panel offers to deliver external emails to local users or groups, assuming they have an email address.
When the user has multiple email addresses one of those is chosen, not sure which one.
If users come from an AD server, the panel list is empty and mail could be delivered only to admin.

10base (1.74 KB) Nicola Rauso, 10/21/2014 11:58 AM


Related issues

Related to NethServer 6 - Bug #2947: Fetchmail re-download all emails after reboot CLOSED
Related to NethServer 6 - Feature #2897: Support Sanesecurity Foxhole CLOSED
Related to NethServer 6 - Enhancement #2954: Avoid fetchmail bounces CLOSED

Associated revisions

Revision 664a2e1d
Added by Davide Principi over 6 years ago

Submit messages to local amavisd at 127.0.0.100:10024. Refs #2924

- Require nethserver-mail-common > 1.4.0-4

Revision 8ce290f3
Added by Davide Principi over 6 years ago

Added YUM POP3 Connector comps group. Refs #2924

Revision 28a09b92
Added by Davide Principi over 6 years ago

Added YUM POP3 Connector comps group. Refs #2924

Revision 65c170d9
Added by Davide Principi over 6 years ago

POP3 connector manual updated. Refs #2924

Added index, references, gui labels and interface description.

Revision 9f5494e7
Added by Davide Principi over 6 years ago

POP3 Connector: added References section. Refs #2924

Revision 7e05d28d
Added by Davide Principi over 6 years ago

List AD accounts in POP3 connector page. Refs #2924

Use "doveadm user" with 15secs timout to get mailbox list. The user
list is decorated with details from accounts DB.

Added read-mail-accounts helper to sudo configuration.

History

#1 Updated by Filippo Carletti almost 7 years ago

A possible solution could use email addresses instead of users.
If NethServer is joined to an AD, the filed could be filled with an email address.
  1. AD: empty box, user writes an email
  2. Local users: list of all email addresses (too long?)

#2 Updated by Filippo Carletti almost 7 years ago

Thanks to Giacomo, we have a template-custom that enables email addresses in fetchmail db.

#3 Updated by Filippo Carletti almost 7 years ago

If we go for the email addresses list we should hide email marked as visible=internal.

#4 Updated by Nicola Rauso almost 7 years ago

see attachment

#5 Updated by Davide Principi almost 7 years ago

We fell into email addresses because of two reasons
  • there were SMTP access restrictions to user's mailbox internal address
  • we want mail filter checks
Now we could
  • bypass access restrictions with /etc/postfix/access table, setting fetchmail IP address
  • keep mail filter (and fix bounce issues?)
  • read mail accounts from doveadm users \* output
Personally, I don't like a free email address field:
  • Hard to validate against AD,
  • Easy to abuse/mistake: tons of bounces...

Fetchmail is dangerous and should be limited to transfer a message between two (remote) mailboxes: let's avoid unleashing of already-delivered messages!

#6 Updated by Davide Principi almost 7 years ago

  • Status changed from NEW to TRIAGED
  • Target version set to v6.5
  • % Done changed from 0 to 20

#7 Updated by Davide Principi almost 7 years ago

  • Subject changed from fetchmail support for AD users to Fetchmail support for AD users
  • Status changed from TRIAGED to ON_DEV
  • Assignee set to Davide Principi
  • % Done changed from 20 to 30

#8 Updated by Davide Principi over 6 years ago

  • Related to Bug #2947: Fetchmail re-download all emails after reboot added

#9 Updated by Davide Principi over 6 years ago

#10 Updated by Davide Principi over 6 years ago

#11 Updated by Davide Principi over 6 years ago

  • Status changed from ON_DEV to MODIFIED
  • Assignee deleted (Davide Principi)
  • % Done changed from 30 to 60

Test case

AD accounts with an enabled mailbox are now listed under POP3 connector > Edit/Create > Account.

Verify the dropdown menu is consistent with AD state, and the UI keeps operating if connection to AD is down.

#12 Updated by Davide Principi over 6 years ago

  • Status changed from MODIFIED to ON_QA
  • % Done changed from 60 to 70

In nethserver-testing:
nethserver-fetchmail-1.0.6-2.0git7e05d28d.ns6.noarch.rpm

Packager note
Merge documentation updates
https://github.com/nethesis/nethserver-docs/pull/44

#13 Updated by Nicola Rauso over 6 years ago

  • Assignee set to Nicola Rauso

#14 Updated by Nicola Rauso over 6 years ago

  • Status changed from ON_QA to VERIFIED
  • Assignee deleted (Nicola Rauso)
  • % Done changed from 70 to 90

Tested: OK

Note that in case of PDC unreachable, the dropdown menu with AD users appears void. This is correct for me, it's consistent with dovecot users query failure:

# doveadm user \*
doveadm(root): Error: User listing returned failure
admin
doveadm(root): Fatal: user listing failed

#15 Updated by Giacomo Sanchietti over 6 years ago

  • Status changed from VERIFIED to CLOSED
  • % Done changed from 90 to 100
Released in nethserver-updates:
  • nethserver-fetchmail-1.1.0-1.ns6.noarch.rpm

#16 Updated by Davide Principi over 6 years ago

The package release has been delayed. See #2954

Also available in: Atom PDF