Virtual Mail And FTP Hosting With iRedMail And Pure-FTPd - Page 2
6 Add LDAP attributes and values
Add LDAP attributes and values for an existing mail user
Use phpLDAPadmin or other tools to add sample LDAP attributes and values for existing mail users.
Attribute Name | Value |
objectClass | PureFTPdUser |
FTPStatus | enabled |
FTPQuotaFiles | 50 |
FTPQuotaMBytes | 10 |
FTPDownloadBandwidth | 50 |
FTPUploadBandwidth | 50 |
FTPDownloadRatio | 5 |
FTPUploadRatio | 1 |
FTPHomeDir | /home/ftp/example.com/username/ |
Log into phpLDAPadmin:
Find the existing mail user [email protected]:
Add Object Class for the user [email protected]:
Select the Object Class PureFTPdUser:
The result:
Add the PureFTPdUser attributes:
All the attributes about PureFTPdUser:
Enable FTP status:
Add all the PureFTPd attributes as shown in the form below:
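The same change as the phpLDAPadmin steps above, scripted as an LDIF modify record. This is an added example, not part of the original tutorial or of the iRedMail tools. The `mail=` naming attribute, the helper names and the sample user are assumptions (the user's address is obscured on this page); the attribute values come from the table above.

```shell
#!/bin/sh
# Added example: emit an LDIF "modify" record that gives an existing mail
# user the PureFTPdUser attributes from the table above.
# Assumption: the user entry is named mail=<user>@<domain> under ou=Users.

BASE_DN='o=domains,dc=example,dc=com'   # sample tree used in this tutorial
FTP_ROOT='/home/ftp'                    # from the sample FTPHomeDir value

# Accept only names that cannot alter the DN, the LDIF layout or the path:
# no empty value, no leading dot, no "..", no character outside [A-Za-z0-9._-].
valid_name() {
    case "$1" in
        ''|.*|*..*|*[!A-Za-z0-9._-]*) return 1 ;;
        *) return 0 ;;
    esac
}

pureftpd_ldif() {   # usage: pureftpd_ldif <domain> <username>
    domain=$1 user=$2
    valid_name "$domain" && valid_name "$user" || {
        echo "refusing unsafe domain or user name" >&2
        return 1
    }
    printf 'dn: mail=%s@%s,ou=Users,domainName=%s,%s\nchangetype: modify\n' \
        "$user" "$domain" "$domain" "$BASE_DN"
    # One "add" operation per attribute, each terminated by "-".
    while read -r attr value; do
        printf 'add: %s\n%s: %s\n-\n' "$attr" "$attr" "$value"
    done <<EOF
objectClass PureFTPdUser
FTPStatus enabled
FTPQuotaFiles 50
FTPQuotaMBytes 10
FTPDownloadBandwidth 50
FTPUploadBandwidth 50
FTPDownloadRatio 5
FTPUploadRatio 1
FTPHomeDir ${FTP_ROOT}/${domain}/${user}/
EOF
}

# Apply with the manager bind DN (-W prompts for the password), e.g.:
#   pureftpd_ldif example.com user1 | ldapmodify -x -D cn=manager,dc=example,dc=com -W
if [ "$#" -eq 2 ]; then pureftpd_ldif "$1" "$2"; fi
```

Because the home directory and DN are built from the arguments, the name check keeps a crafted user or domain name from pointing FTPHomeDir outside /home/ftp or appending extra DN components.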
Add LDAP attributes and values for new user
You can use the iRedMail tools to quickly create a new user that already includes the PureFTPd attributes and values.
cd /iRedMail-0.5.0-rc2/tools/
vi create_mail_user_OpenLDAP.sh
LDAP_SUFFIX="dc=example,dc=com" # <- Change the LDAP suffix
BINDPW='passwd' # <- The password of the user cn=manager,dc=example,dc=com
PUREFTPD_INTEGRATION='YES' # <- Change from NO to YES to enable the Pure-FTPd integration
Run the script to create the users user1 and user2. By default, each user's password is the same as the user name, so change it before the account is reachable over FTP.
bash create_mail_user_OpenLDAP.sh example.com user1 user2
adding new entry "ou=Users,domainName=example.com,o=domains,dc=example,dc=com"
ldapadd: Already exists (68)
adding new entry "ou=Groups,domainName=example.com,o=domains,dc=example,dc=com"
ldapadd: Already exists (68)
adding new entry "ou=Aliases,domainName=example.com,o=domains,dc=example,dc=com"
ldapadd: Already exists (68)
adding new entry "[email protected],ou=Users,domainName=example.com,o=domains,dc=example,dc=com"
adding new entry "[email protected],ou=Users,domainName=example.com,o=domains,dc=example,dc=com"
7 Configure iptables
By default, ports 20 and 21 are not open. To test with an FTP client, you need to open ports 20 and 21.
vi /etc/sysconfig/iptables
# http/https, smtp/smtps, pop3/pop3s, imap/imaps, ssh
-A INPUT -p tcp -m multiport --dport 80,443,25,465,110,995,143,993,587,465,22,20,21 -j ACCEPT # <-- Add 20 21
Restart the iptables service:
/etc/init.d/iptables restart
8 Testing
You can use a Windows FTP client or the Linux ftp client lftp for testing.
lftp localhost
lftp localhost:~> debug 4
lftp localhost:~> login [email protected] user1 # <-- type in the username and password
lftp [email protected]@localhost:~> ls
---- Connecting to localhost (127.0.0.1) port 21
<--- 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
<--- 220-You are user number 1 of 50 allowed.
<--- 220-Local time is now 16:25. Server port: 21.
<--- 220-IPv6 connections are also welcome on this server.
<--- 220 You will be disconnected after 15 minutes of inactivity.
<--- 211-Extensions supported:
<--- EPRT
<--- IDLE
<--- MDTM
<--- SIZE
<--- REST STREAM
<--- MLST type*;size*;sizd*;modify*;UNIX.mode*;UNIX.uid*;UNIX.gid*;unique*;
<--- MLSD
<--- ESTP
<--- PASV
<--- EPSV
<--- SPSV
<--- ESTA
<--- AUTH TLS
<--- PBSZ
<--- PROT
<--- UTF8
<--- 211 End.
<--- 500 This security scheme is not implemented
<--- 200 OK, UTF-8 enabled
<--- 200 MLST OPTS type;size;sizd;modify;UNIX.mode;UNIX.uid;UNIX.gid;unique;
<--- 331 User [email protected] OK. Password required
<--- 230-Your bandwidth usage is restricted
<--- 230-User [email protected] has group access to: vmail
<--- 230-You must respect a 1:5 (UL/DL) ratio
<--- 230-OK. Current restricted directory is /
<--- 230-0 files used (0%) - authorized: 50 files
<--- 230 0 Kbytes used (0%) - authorized: 10240 Kb
<--- 257 "/" is your current location
<--- 227 Entering Passive Mode (127,0,0,1,32,58)
<--- 150 Accepted data connection
drwxr-xr-x 2 500 vmail 4096 Jun 10 16:16 .
drwxr-xr-x 2 500 vmail 4096 Jun 10 16:16 ..
-rw------- 1 500 vmail 0 Jun 10 16:16 .ftpquota
9 Troubleshooting
Enable verbose logging in pure-ftpd.conf:
vi /etc/pure-ftpd/pure-ftpd.conf
VerboseLog yes # <-- change from no to yes
vi /etc/syslog.conf
ftp.* -/var/log/pureftpd.log # <-- Add entry
Enable ldap logging:
vi /etc/openldap/slapd.conf
loglevel 256 # <-- change from 0 to 256
Restart pure-ftpd, syslog, and openldap:
/etc/init.d/pure-ftpd restart
/etc/init.d/syslog restart
/etc/init.d/ldap restart
Monitor /var/log/pureftpd.log and /var/log/openldap.log for troubleshooting.
tail -0f /var/log/openldap.log
tail -0f /var/log/pureftpd.log
10 Links
- Discussion forum: http://www.iredmail.org/forum/
- Project home page: http://code.google.com/p/iredmail/