geos_one/go-mailzu
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Forking from Mailzu 0.8RC3

Browse Source
This commit is contained in:
Mikko Husari
2008-12-10 15:33:43 +02:00
commit 2572b1814b
184 changed files with 79039 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

70
docs/AD_README Normal file
View File

@@ -0,0 +1,70 @@
Active Directory Autentication Settings
----------------------------------------
To configure MailZu to authenticate users against Active Directory.
Edit the config/config.php and tailor the variables mentioned here for your
environment.
// Set an authentication method: 'ldap','ad', or 'sql'
$conf['auth']['serverType'] = 'ad';
Set the AD host(s) and search base
// List of AD Domain controllers
$conf['auth']['ad_hosts'] = array( 'dc1.example.com' );
// if set to true, LDAP connection over SSL (PHP 4.0.4 minimum)
// if set to false or not set, unencrypted LDAP connection on port 389
$conf['auth']['ad_ssl'] = false;
// AD base dn, e.g. 'dc=example,dc=com'
$conf['auth']['ad_basedn'] = 'dc=example,dc=com';
Set the Active Directory domain:
// AD domain, e.g. 'example.com'
$conf['auth']['ad_domain'] = 'example.com';
Set the attribute usually used to identify a user in Active Directory:
// AD attribute used to identify a person
$conf['auth']['ad_user_identifier'] = 'samaccoutname';
Now we must set the login format. For AD the default is the 'samaccountname'
attribute, or if you want a fully qualified email address as the login, it
could be 'mail'.
// AD attribute used as login, e.g. 'samaccountname' or 'mail'
$conf['auth']['ad_login'] = 'samaccountname';
At the login page of MailZu, with this setting the user would use the login
'user', or if the configuration variable was set to the 'mail' attribute, the
login would be 'user@example.com'.
These two attributes are enough to be authenticated to the MailZu interface,
but the third attribute is what determines which messages the authenticated
user is permitted to view. This attribute is the final recipient address. It is
the email address that amavisd-new reports as the envelope recipient.
For example, if the login used was 'user', than there must be an attribute or
field that determines the email address associated with this user. Even if the
login was 'user@example.com' the third attribute may or may not be the same.
The address might have been aliased to an internal address
'user@internal.example.com'.
// AD mail attribute used as the final recipient address
// Could be the actual mail attribute or another attribute
// (in the latter case look for the "%m" token in the ldap query filter in
// amavisd.conf)
$conf['auth']['ad_mailAttr'] = 'mail';
If the attribute listed for the login format is not the same as the binding
username, we must be able to search the directory. The settings below binds
using this account to search the directory. AD does not allow anonymous
binds.
$conf['auth']['ad_searchUsername'] = 'manager';
$conf['auth']['ad_searchPassword'] = 'secret';
If you want to specify the name of the user in the welcome message, you need to set the parameter below. AD attribute such as 'g
ivenName', 'cn' or 'displayName' can be used:
$conf['auth']['ad_name'] = 'givenName';

31
docs/CREDITS Normal file
View File

@@ -0,0 +1,31 @@
MailZu Credits:
---------------
* Project Creators:
- Samuel Tran <stran2005@users.sourceforge.net>
- Brian Wong <bwsource@users.sourceforge.net>
* Project Principal Developers:
- Samuel Tran <stran2005@users.sourceforge.net>
- Brian Wong <bwsource@users.sourceforge.net>
* Project Developers/Patch Writers:
- Nicolas Peyrussie <peyrouz@users.sourceforge.net>
* Translators:
- Brian Wong <bwsource@users.sourceforge.net> English
- Nicolas Peyrussie <peyrouz@users.sourceforge.net> French
- Paolo Cravero Italian
- Samuel Tran <stran2005@users.sourceforge.net> French
- Ricardo Mu<4D>oz Spanish
* Special Thanks to:
- Nick Korbel who allowed us to re-use some codes
from his excellent project PHPScheduleIt (http://www.php.brickhost.com/index.php).
MailZu is based on PHPScheduleIt framework for a more rapid development.
* Contributors:
- Bogdan Baliuci: Exchange 5.5 authentication
- Paolo Cravero: Italian translation and suggestions to improve LDAP authentication
- Ricardo Mu<4D>oz: Spanish translation
- Andrew A. Neuschwander: lots of debugging

29
docs/EXCHANGE_5.5_README Normal file
View File

@@ -0,0 +1,29 @@
Exchange 5.5 Autentication Settings
-----------------------------------
To configure MailZu to authenticate users against Exchange 5.5,
edit the config/config.php and tailor the variables mentioned here for your
environment.
// Set an authentication method: 'ldap','ad', 'sql' or 'exchange' (Exchange 5.5)
$conf['auth']['serverType'] = 'exchange';
These three attributes are enough to be authenticated to the MailZu interface:
// Exchange 5.5 server host and IMAP port
$conf['auth']['exch_host'] = '10.1.1.20:143';
// Exchange's LDAP server, it usually has the same IP as the Exchange server
$conf['auth']['exch_ldap'] = '10.1.1.20';
// Exchange default NT domain
$conf['auth']['exch_domain'] = 'mycorp';
At the MailZu login, enter the user NT login as username.
This code may not work if the user's Exchange alias is different from the NT login.
Thanks to Bogdan Baliuci <b.baliuc@rogers.com> for his code contribution.

70
docs/FAQ Normal file
View File

@@ -0,0 +1,70 @@
Frequently Asked Questions
=======================================
1) What is MailZu?
MailZu is a quarantine management interface for amavisd-new. It allows
users to view their quarantined items and request release (for suspect malware),
release, or mark them for deletion.
2) What version of amavisd-new do I need?
MailZu will work with amavisd-new greater than 2.3.0.
3) Does MailZu support multiple amavisd-new instances?
Yes. If every amavisd-new instance in your environment stores its data into
the same SQL database there should be no problem. The only limitation is that
the AM.PDP protocol must listen on the same port for each amavisd-new
instance.
4) Do I have to configure amavisd-new to quarantine email to SQL?
No. MailZu does not require that the actual message bodies be kept in SQL.
Release is handled by amavisd-new, so MailZu need not be aware of the location
of the quarantine. Quarantine to SQL is only neccessary if you want your users
to be able to view spam in the MailZu interface, otherwise they will only see
the basic headers of the quarantined message.
5) Why do some or all messages in the MailZu message index not viewable?
The reason might be that email is not quarantined to SQL. This can be enabled
by setting these variables in amavisd-new:
$banned_files_quarantine_method = 'sql:';
$spam_quarantine_method = 'sql:';
6) Releasing messages does not seem to work. What is wrong?
There may be a couple of reasons for this behavior. The most common problems
is that PHP is not built with sockets enabled ( --enable-sockets ), or it is
a network related issue.
The first problem is easy to diagnose and fix. If releasing emails is still
not working, then we have to diagnose the network problem.
It is important to understand that in order for MailZu to support more than
one amavisd-new instance, it must connect to the appropriate host. The correct
host is retrieved from the SQL record inserted by amavisd-new. Check the 'host'
column of the 'msgs' table. Please make sure that you can connect to the AM.PDP
port of the host listed in that record from the host that runs MailZu.
user@mailzuhost# telnet <host in SQL record> <AM.PDP port>
If a connection is not made, then review your amavisd-new configuration regarding
the interfaces it listens on, and the ACLs regarding connecting clients. Be
careful, the AM.PDP protocol does not send a greeting or any data whatsoever on
a successful connection. It may appear that a connecion did not work, when in fact
it did.
7) Where can I get support?
If you are having a problem with MailZu and the solution is not obvious, take
a look at the mailing list archive at:
http://sourceforge.net/mailarchive/forum.php?forum=mailzu-users
and/or subscribe at this URL:
https://lists.sourceforge.net/lists/listinfo/mailzu-users

37
docs/IMAP_README Normal file
View File

@@ -0,0 +1,37 @@
IMAP Autentication Settings
---------------------------
To configure MailZu to authenticate users against IMAP,
edit the config/config.php and tailor the variables mentioned here for your
environment.
Select the IMAP authentication method:
/* Options are:
ldap -> Standard LDAP server, e.g. OpenLDAP
ad -> MS Active Directory
sql -> PHP PEAR compatible database
exchange -> MS Exchange 5.5
imap -> IMAP protocol
*/
$conf['auth']['serverType'] = 'imap';
These three attributes are enough to be authenticated to the MailZu interface:
/*** IMAP Authentication Settings ***/
// List of IMAP servers and ports (e.g.: 10.1.1.20:143)
$conf['auth']['imap_hosts'] = array( 'imap.example.com:993' );
// IMAP type
/* Options are:
imap -> default
imaptls -> do not do start-TLS to encrypt the session, even with servers that support it
imapssl -> use the Secure Socket Layer to encrypt the session
imapcert -> use the Secure Socket Layer to encrypt the session,
do not validate certificates from TLS/SSL server, needed if server uses self-signed certificates
*/
$conf['auth']['imap_type'] = 'imapssl';
// Domain name part of the email address, (e.g.: example.com)
$conf['auth']['imap_domain_name'] = 'example.com';

416
docs/INSTALL Normal file
View File

@@ -0,0 +1,416 @@
Installation instructions for MailZu
=======================================
MailZu, a quarantine management interface for amavisd-new. It allows users
and administrators to view quarantined messages and release, request, or
delete them.
MailZu need not reside on the same host as amavisd-new. MailZu also supports
environments with multiple amavisd-new instances (as long as all instances
report to the same SQL database). MailZu is only suitable for amavisd-new
versions greater than 2.3.0.
Requirements
===============
MailZu requires that amavisd-new has SQL reporting enabled. If you want
users to be able to view more than just the simple message headers, quarantining
to SQL should be enabled.
The requirements for running MailZu is as follows:
1) Amavisd-new greater than 2.3.0.
2) A PHP-compatible web server
3) PHP 4.3.x or greater with socket support ( --enable-sockets )
4) PEAR::PEAR
5) PEAR::DB
6) PEAR::Mail_Mime
7) PEAR::Net_Socket
PHP must also be built with the respective driver for your backend.
For LDAP or Active Directory PHP must be built with '--with-ldap'.
For the database backends you can use '--with-pgsql', '--with-mysql',
etc.
For the included and optional database cleanup script
(scripts/mz_db_clean.pl):
1) Perl 5.6
2) Perl DBI with respective database driver
MailZu utilizes the recommended values for the SQL field msgrcpt.rs as
stated in the README_FILES/README.sql that comes with the amavisd-new
distribution. The cleanup script performs database purging based on old
records and those messages marked for deletion 'D'. If you already have a
script which performs database maintenance, it is recommeneded to quickly
look through the queries in the provided script and merge them.
AMAVISD-NEW SQL REQUIREMENTS
==============================
If you are currently using amavisd-new 2.4.0 or later, no changes are necessary.
If using MySQL, please make sure that you use the TIMESTAMP type for the
database field 'time_iso'. Please refer to the amavisd-new documentation for
details.
If you are using a version of amavisd-new prior to 2.4.0 (with old database
schema), please add the 'quar_loc' column to your 'msgs' table with:
ALTER TABLE msgs ADD quar_loc varchar(255) DEFAULT '';
This is a mandatory requirement for this version and future versions of MailZu.
In other words, MailZu does not care which version of amavisd-new you are running,
as long as the SQL tables match those that are needed by amavisd-new 2.4.0 or
later.
Unpacking the distribution
============================
Fetch the latest tarball from http://www.mailzu.net. The file has a format
of mailzu-x.y.tar.gz where 'x' is the version and 'y' is the revision.
Extract the archive with:
# tar xvfz mailzu-x.y.tar.gz
# cd mailzu-x.y
Overview
================
The amavisd, SQL, and MailZu services act together to offer a complete
quarantine management interface. The relationship is as follows:
-- Amavisd-new populates the SQL database with basic information about every
message processed and optionally quarantining malware to the database
-- MailZu reads from the basic information from the SQL database to give a
webmail like view of quarantined items. If the item was quarantined to the
database, MailZu can also allow viewing of the complete email.
-- MailZu requests the release of email by opening a TCP/IP socket to the
responsible amavisd-new instance. Amavisd-new itself then queries the
database for the message information and releases the email to the user.
These services may reside on one particular hosts or a seperate host for each
application. MailZu cannot communicate to Amavisd-new through a unix socket.
Configuration
================
In order to use MailZu, amavisd-new must be configured to store message
information in an SQL database.
Amavisd-new Configuration
---------------------------
All configuration variables mentioned in this subsection are meant for
amavisd-new.
MailZu is not required to reside on the same host amavisd-new does, but
MailZu must be able to communicate with all instances of amavisd-new in your
environment to release messages.
Since MailZu can support multiple amavisd-new instances it
is important that the mechanism for communication is TCP/IP, not unix
sockets.
Information about every message processed by amavisd-new can be stored in
SQL by setting the amavisd-new configuration variable @storage_sql_dsn.
# Example setting:
@storage_sql_dsn =
( ['DBI:mysql:database=mail;host=127.0.0.1;port=3306', 'user',
'passwd']);
or:
@storage_sql_dsn = @lookup_sql_dsn; # If you plan to use the same database
# as the SQL lookups
Specify the ports that amavisd-new should bind to.
$inet_socket_bind = undef; # Bind on all interfaces
# or check amavisd.conf-sample for
# more specific examples
$inet_socket_port = [10024,9998]; # listen on this local TCP port(s)
(see $protocol)
Specify an arbitrary policy name tied for this port. 'AM.PDP' is recommended
for clarity.
$interface_policy{'9998'} = 'AM.PDP';
Associate a policy bank to that port where the protocol is 'AM.PDP' and
restrict access to that port to the host that MailZu is configured and any
additional hosts you desire.
$policy_bank{'AM.PDP'} = {
protocol => 'AM.PDP',
inet_acl => [qw( 127.0.0.1 [::1] <IP of MailZu host> )],
};
The configuration settings above is the minimal setting required by MailZu.
This allows MailZu to give an index of all messages that were considered spam
or banned. The index displays the To (admins only), From, Subject, Date, and
spam Score, for each message.
If you want users to be able to view the body of their spam messages via MailZu,
you must configure amavisd-new to quarantine messages to SQL. This can be done
with
$banned_files_quarantine_method = 'sql:';
$spam_quarantine_method = 'sql:';
This optional setting has no impact on MailZu's capability to release or
request mail.
Reload amavisd-new and try initiating a telnet session from the MailZu host to
the AM.PDP port
# telnet <Amavisd-new Host> 9998
If a connection is made than configuration of amavisd-new was successful.
Repeat this configuration procedure for every amavisd-new instance.
MailZu Configuration
----------------------
The configuration file for MailZu resides in config/config.php. The settings in
this file determines the authentication mechanism, the administrators, the
AM.PDP port used in your amavisd-new configuration, and other miscellaneous
settings.
The configuration file is populated with helpful comments that explain every
variable and their possible settings. Only the most important settings will be
discussed here.
Amavisd-new related settings
-------------------------------
For MailZu to display message indices and perform actions on the message in
question, it must be able to communicate with the amavisd-new instances and the
database which stores message information. MailZu requires the same read/write
credentials as amavisd-new in order to mark mail read or for deletion.
First specify the port where the AM.PDP protocols listens on. This is the same
port we specified earlier in "Amavisd-new Configuration".
// Amavisd-new AM.PDP port
// Since the port number can not be stored in the database
// all instances of amavisd-new must use the same AM.PDP port
$conf['amavisd']['spam_release_port'] = '9998';
All amavisd-new instances must use the same port number, but not necessarily
9998. Now we must configure MailZu to query the same database that amavisd-new
is populating.
$conf['db']['dbType'] = 'mysql';
$conf['db']['dbUser'] = 'user';
$conf['db']['dbPass'] = 'pass';
$conf['db']['dbName'] = 'dbname';
$conf['db']['hostSpec'] = 'hostname.example.com:port';
These settings should correspond to the credentials entered for the amavisd-new
configuration. The 'dbType' can be any PEAR DB compatible database. Please see
the config/config.php file for more information.
Note: If you are using MySQL database, the preferred version is 4.1.0 or later.
If your version is prior to 4.1.x, you need to apply a patch to make MailZu
compatible with it. The patch is located in contrib/mysql and is called
mysql4.0_compat.diff.
Authentication settings
-------------------------------
You can have a user authenticate to any of the following backends.
/* Options are:
ldap -> Standard LDAP server, e.g. OpenLDAP
ad -> MS Active Directory
sql -> PHP PEAR compatible database
exchange -> MS Exchange 5.5
imap -> IMAP protocol
*/
$conf['auth']['serverType'] = 'ldap';
Each seperate authentication method have related configuration variables that
must be set. Please see the appropriate (MECH)_README for more information.
Regardless of which method you choose, it is important to understand that there
will always be three attributes ( or fields for SQL ) that is critical for a
successful login.
The first of the three is the user password. For LDAP and AD, this need not be
specified, for the authentication is handled by the binding process. But for
SQL, the field of where the password is stored is required.
The second attribute is the login format. For LDAP it is usually the 'uid'
attribute, or if you want a fully qualified email address as the login, it
could be 'mail'. Active Directory has similar attributes.
This setting controls whether the user would use the login 'user', or if the
configuration variable was set to the 'mail' attribute, the login would be
'user@example.com'.
These two attributes are enough to be authenticated to the MailZu interface,
but the third attribute is what determines which messages the authenticated
user is permitted to view. This attribute is the final recipient address. It is
the email address that amavisd-new reports as the envelope recipient.
For example, if the login used was 'user', than there must be an attribute or
field that determines the email address associated with this user. Even if the
login was 'user@example.com' the third attribute may or may not be the same.
The address might have been aliased to an internal address 'user@internal.example.com'.
To get a description on how to set up these critical configuration variables for
your authentication, please see the appropriate (MECH)_README file in docs/.
Miscellaneous Settings
------------------------
Set this option to display the default MailZu logo or your custom logo:
// Image to appear at the top of each page ['img/mailzu.png']
// Leave this string empty if you are not going to use an image
// Specifiy link as 'directory/filename.gif'
$conf['ui']['logoImage'] = 'img/mailzu.png';
You can customize the welcome message with the following option:
// Welcome message show at login page ['Welcome to MailZu!']
$conf['ui']['welcome'] = 'Welcome to MailZu!';
Set the full URL to the root directory of MailZu:
// The full url to the root directory of MailZu
// Please do not include the trailing slash
$conf['app']['weburi'] = 'https://mailzuhost.example.com/mailzu';
This section deals with how mail is sent from MailZu. Please select one of the four available options.
Then define the necessary variables:
// How to send email ['mail']
/* Options are:
'mail' for PHP default mail
'smtp' for SMTP
'sendmail' for sendmail
'qmail' for qmail MTA
*/
$conf['app']['emailType'] = 'mail';
// SMTP email host address []
// This is only required if emailType is SMTP
$conf['app']['smtpHost'] = '';
// SMTP port [25]
// This is only required if emailType is SMTP
$conf['app']['smtpPort'] = 25;
// Path to sendmail ['/usr/sbin/sendmail']
// This only needs to be set if the emailType is 'sendmail'
$conf['app']['sendmailPath'] = '/usr/sbin/sendmail';
// Path to qmail ['/var/qmail/bin/sendmail']
// This only needs to be set if the emailType is 'qmail'
$conf['app']['qmailPath'] = '/var/qmail/bin/sendmail';
Set the support/admin email address with this option:
// The email addresses of the support staff and/or administrator
// An email is sent to these addresses when a user reports an error
// or clicks the "Email Administrator" link
$conf['app']['adminEmail'] = array('support@example.com', 'helpdesk@example.com');
Set this option to 1 if you want to email the admin upon each release request
// Email admin upon Release Request
// When users try to release a banned file a request is sent to an
// admin. Admins can always look at 'Pending Requests' in the MailZu
// interface regardless.
//
// $conf['app']['notifyAdmin'] = 1;
$conf['app']['notifyAdmin'] = 0;
Set this option to show the "Email Administrator" link
// Show the "Email Administrator" link for users
// If you have a large userbase, you may not want users to have the
// capability to just email the admin
// Note: The "Report Error" link is still available regardless
// of this option. This link is only visible if a fatal error occurs
// with releasing attachments. Default is 1 (show link).
//
// $conf['app']['showEmailAdmin'] = 0;
$conf['app']['showEmailAdmin'] = 1;
Set this option to 1 if you want to view the site quarantine in search only mode.
This option is very useful for large sites.
// Show Site Quarantine in search only mode if set to 1.
// No message is displayed when clicking on 'Site quarantine'.
// Keep the default for for large sites.
// $conf['app']['searchOnly'] = 1
$conf['app']['searchOnly'] = 1;
Set the default language code:
// The default language code. This must be included in the language list in
// langs.php
$conf['app']['defaultLanguage'] = 'en_US';
Set this option if you want to allow the language selection
// Display the choice for language selection during the login screen if set to 1
// Otherwise set it to 0
// Default is 1
$conf['app']['selectLanguage'] = '1';
Set this option to 1 if you want to use the Pear DB and Mail_Mime libraries included
with MailZu:
// If you are running PHP in safe mode, set this value to 1.
// This toggles if we use the included Pear DB and Mail_Mime libraries included
// with this distribution
$conf['app']['safeMode'] = 1;
Set the time format:
// View time in 12 or 24 hour format [12]
// Only acceptable values are 12 and 24 (if an invalid number is set, 12 hour
// time will be used)
$conf['app']['timeFormat'] = 12;
Set the title of the application:
// Title of application ['MailZu']
// Will be used for page titles and in 'From' field of email responses
$conf['app']['title'] = 'MailZu';
Set this option to 1 if you want to log system activity and errors:
// If we should log system activity or not [0]
// Can be 0 (for no) and 1 (for yes)
$conf['app']['use_log'] = 1;
Set the log file name (full path) using this option. You will need to create that file beforehand
and make it writable by the user running Apache.
// Directory/file for log ['/var/log/mailzu.log']
// Specify as /directory/filename.extension
$conf['app']['logfile'] = '/var/log/mailzu.log';
Set this option to determine the number of messages displayed per page:
// Maximum number of messages displayed per page
$conf['app']['displaySizeLimit'] = 50;

77
docs/LDAP_README Normal file
View File

@@ -0,0 +1,77 @@
LDAP Autentication Settings
-------------------------------
To configure MailZu to authenticate users against LDAP.
Edit the config/config.php and tailor the variables mentioned here for your
environment.
// Set an authentication method: 'ldap','ad', or 'sql'
$conf['auth']['serverType'] = 'ldap';
Set the LDAP host(s) and search base
// List of LDAP servers
$conf['auth']['ldap_hosts'] = array( 'ldaphost' );
// if set to true, LDAP connection over SSL (PHP 4.0.4 minimum)
// if set to false or not set, unencrypted LDAP connection on port 389
$conf['auth']['ldap_ssl'] = false;
// LDAP base dn, e.g. 'dc=example,dc=com'
$conf['auth']['ldap_basedn'] = 'dc=example,dc=com';
Set the LDAP attribute used for the RDN to identify a person:
// LDAP attribute used for the RDN to identify a person
// For instance if the DN for a given user is uid=joesmith,ou=people,dc=example,dc=com
// the attribute would be 'uid'
$conf['auth']['ldap_user_identifier'] = 'uid';
Set the container where all users are kept. If users are stored in multiple
containers leave this option blank.
// Container where all users are kept, e.g. 'ou=people'
// If you have users in multiple containers, leave this option blank.
// In this particular case you will need to allow anonymous binding
// or specify a user/password to bind with
$conf['auth']['ldap_user_container'] = 'ou=people';
Now we must set the login format. For LDAP it is usually the 'uid'
attribute, or if you want a fully qualified email address as the login, it
could be 'mail'.
// LDAP attribute used as login, e.g. 'uid', 'mail' or 'uidNumber'
$conf['auth']['ldap_login'] = 'uid';
At the login page of MailZu, with this setting the user would use the login
'user', or if the configuration variable was set to the 'mail' attribute, the
login would be 'user@example.com'.
These two attributes are enough to be authenticated to the MailZu interface,
but the third attribute is what determines which messages the authenticated
user is permitted to view. This configuration variable is a list of
attributes that contain recipient addresses. In most cases this will be a
list with one item such as the attribute 'mail'. But if you want to include
more address you can add more attribute names to the list.
For example, if the login used was 'user', than there must be an attribute or
field that determines the email address associated with this user. Even if the
login was 'user@example.com' the third attribute may or may not be the same.
The address might have been aliased to an internal address
'user@internal.example.com'.
// LDAP mail attributes used as the final recipient address
// Could be the actual mail attribute or another attribute
// (in the latter case look for the "%m" token in the ldap query filter in
// amavisd.conf)
$conf['auth']['ldap_mailAttr'] = array('mailRoutingAddress');
If the attribute listed for the login format is not the same as the binding
username or if no user container is not specified, we must be able to search the directory.
The settings below binds using this account to search the directory.
Set them to empty string ('') for anonymous bind.
$conf['auth']['ldap_searchUsername'] = 'manager';
$conf['auth']['ldap_searchPassword'] = 'secret';
If you want to specify the name of the user in the welcome message, you need to set the parameter below. LDAP attribute such as 'givenName', 'cn' or 'displayName' can be used:
$conf['auth']['ldap_name'] = 'givenName';

82
docs/SQL_README Normal file
View File

@@ -0,0 +1,82 @@
SQL Autentication Settings
-------------------------------
To configure MailZu to authenticate users against a PEAR compatible SQL
database...
// Set an authentication method: 'ldap','ad', or 'sql'
$conf['auth']['serverType'] = 'sql';
Set the type of database to authenticate to...
/*** Database Authentication Settings ***/
// Database type to be used by PEAR
/* Options are:
mysql -> MySQL
pgsql -> PostgreSQL
ibase -> InterBase
msql -> Mini SQL
mssql -> Microsoft SQL Server
oci8 -> Oracle 7/8/8i
odbc -> ODBC (Open Database Connectivity)
sybase -> SyBase
ifx -> Informix
fbsql -> FrontBase
*/
$conf['auth']['dbType'] = 'mysql';
Set the SQL host with optional port
// Database host specification (hostname[:port])
$conf['auth']['dbHostSpec'] = 'dbhost';
Specify the credentials needed to access the database
// Database user who can access the auth database
$conf['auth']['dbUser'] = 'user';
// Password for above user to auth database
$conf['auth']['dbPass'] = 'pass';
// Name for auth database
$conf['auth']['dbName'] = 'dbname';
// Name for auth table that contains usernames and passwords
$conf['auth']['dbTable'] = 'dbtablename';
// Name of the 'first name' or 'full name' field of the SQL table
// If such a field does not exist, leave it blank
$conf['auth']['dbTableName'] = 'givennamefield';
Now we must set the login format.
// Name of the Username field of the SQL table
$conf['auth']['dbTableUsername'] = 'usernamefield';
At the login page of MailZu, with this setting the user would use the value
listed in the above field, which may or may not be the fully qualified email
address.
Now we must set the field for the password.
// Name of the password field of the SQL table
$conf['auth']['dbTablePassword'] = 'passwordfield';
Is the password stored in the database the MD5 digest?
// true = passwords are stored md5 encrypted in database
// false = passwords are stored cleartext in database
$conf['auth']['dbIsMd5'] = true;
These two attributes are enough to be authenticated to the MailZu interface,
but the third attribute is what determines which messages the authenticated
user is permitted to view. This attribute is the final recipient address. It is
the email address that amavisd-new reports as the envelope recipient.
For example, if the login used was 'user', than there must be an attribute or
field that determines the email address associated with this user. Even if the
login was 'user@example.com' the third attribute may or may not be the same.
The address might have been aliased to an internal address
'user@internal.example.com'.
// Name of the 'mail address' field of the SQL table
$conf['auth']['dbTableMail'] = 'mailaddress';