Also search on the domain name for the virtual domain name in the ldap

[johansmitsnl]

See #638

[alinmear]

@johansmitsnl, @tomav the tests are passing because we have currently no explicit unit test for virtual domains. We should extend the tests, so that we cover at least:

• does the the provided file gets copy / is in place
• extend the var substitution check for the new added file
• extend the mail delivery checks for ldap based virtual domains

[johansmitsnl]

@alinmear agree to the tests. I'm not very familiar with the test of this project, could you create them based on the pull request?

[alinmear]

@johansmitsnl when i have time, i can check how to implement the tests.

[johansmitsnl]

I have reworked the PR. @tomav I removed the conflict.
Tested on my server environment and it works.
I also added LDAP_QUERY_FILTER_DOMAIN ENV variable to customise the query as other ldap filters.

@alinmear It should have these tests:

• uid different from the user part of the email: uid: username | email: emailname@mail.my-domain.com
• postfix test for vhosts: email: name@mail.my-other-domain.com
• Test email delivery for the alias/group

When the escaping is fixed remove the \| from the makefile on the LDAP_QUERY_FILTER_DOMAIN

My production env that is used (and working):

      - VIRTUAL_HOST=mail.xxx.net
      - LETSENCRYPT_HOST=mail.xxx.net
      - LETSENCRYPT_EMAIL=support@xxx.net
      - ENABLE_SPAMASSASSIN=1
      - ENABLE_CLAMAV=1
      - ENABLE_FAIL2BAN=1
      - ENABLE_FAIL2BAN=0
      - ENABLE_POSTGREY=0
      - ONE_DIR=1
      - DMS_DEBUG=0
      - ENABLE_MANAGESIEVE=1
      - SSL_TYPE=letsencrypt
      - SASLAUTHD_PASSWD=
      # >>> SASL Authentication
      - ENABLE_SASLAUTHD=1
      - SASLAUTHD_LDAP_SERVER=ldap
      - SASLAUTHD_LDAP_PROTO=
      - SASLAUTHD_LDAP_BIND_DN=cn=admin,dc=xxx,dc=net
      - SASLAUTHD_LDAP_PASSWORD=xxx
      - SASLAUTHD_LDAP_SEARCH_BASE=dc=xxx,dc=net
      - SASLAUTHD_LDAP_FILTER=(&(objectClass=PostfixBookMailAccount)(uniqueIdentifier=%U))
      - SASLAUTHD_MECHANISMS=ldap
      # <<< SASL Authentication
      # >>> Postfix Ldap Integration
      - ENABLE_LDAP=1
      - LDAP_SERVER_HOST=ldap
      - LDAP_SEARCH_BASE=dc=xxx,dc=net
      - LDAP_BIND_DN=cn=admin,dc=xxx,dc=net
      - LDAP_BIND_PW=xxx
      - LDAP_QUERY_FILTER_ALIAS=(&(mailAlias=%s)(mailEnabled=TRUE))
      - LDAP_QUERY_FILTER_GROUP=(&(mailGroupMember=%s)(mailEnabled=TRUE))
      - LDAP_QUERY_FILTER_USER=(&(mail=%s)(mailEnabled=TRUE))
      - LDAP_QUERY_FILTER_DOMAIN=(&(\|(mail=*@%s)(mailalias=*@%s)(mailGroupMember=*@%s))(mailEnabled=TRUE))
      # <<< Postfix Ldap Integration
      # >>> Dovecot Ldap Integration
      - DOVECOT_USER_FILTER=(&(objectClass=PostfixBookMailAccount)(\|(uniqueIdentifier=%n)(mail=%u)))
      - DOVECOT_PASS_FILTER=(&(objectClass=PostfixBookMailAccount)(\|(uniqueIdentifier=%n)(mail=%u)))
      # <<< Dovecot Ldap Integration

[tomav]

Welcome @alinmear in docker-mailserver collaborators :-)

[alinmear]

@tomav thx for adding me ;)

[johansmitsnl]

Not sure why tests are failing. Did a rewrite of the PR 3 times now and before this last rewrite it was ok. Could @alinmear or @tomav take a look at it before more changes are made to master?

[tomav]

Restarted build.

[alinmear]

@johansmitsnl i will check this on the weekend.

[johansmitsnl]

@tomav @alinmear I have updated the PR with tests and they pass all now.
Can someone review and accept if ok?

[alinmear]

@johansmitsnl looks good to me; thx for the contribution. Anyone else, otherwise i would merge it?!