New: howto/use.openldap.as.address.book.in.outlook.md.

Add one new error message in faq/errors.md.

faq/errors.md

@@ -2,6 +2,38 @@
 
 [TOC]
 
+## Postfix
+### Sender address rejected: not owned by user user@domain.ltd
+
+This error is caused by restriction rule `reject_sender_login_mismatch` in
+Postfix parameter `smtpd_recipient_restrictions`, in file `/etc/postfix/main.cf`:
+
+```
+smtpd_recipient_restrictions =
+    ...
+    reject_sender_login_mismatch,
+    ...
+```
+
+It will reject the request when $smtpd_sender_login_maps specifies an owner
+for the MAIL FROM address, but the client is not (SASL) logged in as that MAIL
+FROM address owner; or when the client is (SASL) logged in, but the client
+login name doesn't own the MAIL FROM address according to $smtpd_sender_login_maps.
+Check [manual page of Postfix configuration file](http://www.postfix.org/postconf.5.html#reject_sender_login_mismatch) for more details.
+
+Removing `reject_sender_login_mismatch` and restarting Postfix service fixes
+this issue.
+
+> If you want to allow some users to send as other users, or allow all users
+> to send as their alias addresses, or allow member of mail list/alias to send
+> as mail list/alias, you should try iRedAPD plugin `reject_sender_login_mismatch`
+> instead (requires iRedAPD-1.4.4 or later releases).
+> 
+> Read comments in file `/opt/iredapd/plugins/reject_sender_login_mismatch.py`,
+> then enable it in iRedAPD config file `/opt/iredapd/settings.py` (`plugins = `),
+> restart iRedAPD service. That's all.
+
+
 ## Amavisd
 
 ### connect to 127.0.0.1[127.0.0.1]:10024: Connection refused

howto/use.openldap.as.address.book.in.outlook.md

@@ -0,0 +1,18 @@
+# Use OpenLDAP as address book in Microsoft Outlook
+
+Tested with Outlook 2007:
+
+* on account settings choose address book tabs
+* click new
+* choose Internet directory service(LDAP)
+* insert the servername (for me, i set it to IP of the server)
+* checked this " this server requires me to logon"
+* Fill the username with --> mail=www@testserver.com,ou=Users,domainName=testserver.com,o=domains,dc=testserver,dc=com, dont forget to insert user passwd
+* Click "More Settings"
+* Leave by default,
+* Click "Search"
+* Choose "custom" and insert with --> ou=Users,domainName=testserver.com,o=domains,dc=testserver,dc=com
+* Finish
+
+you need make sure network port 389 (OpenLDAP service) is open on your iRedMail
+server, otherwise, you need config the iptables.

html/errors.html

@@ -14,6 +14,10 @@
 <div class="toc">
 <ul>
 <li><a href="#errors-you-may-see-while-maintaining-iredmail-server">Errors you may see while maintaining iRedMail server</a><ul>
+<li><a href="#postfix">Postfix</a><ul>
+<li><a href="#sender-address-rejected-not-owned-by-user-userdomainltd">Sender address rejected: not owned by user user@domain.ltd</a></li>
+</ul>
+</li>
 <li><a href="#amavisd">Amavisd</a><ul>
 <li><a href="#connect-to-12700112700110024-connection-refused">connect to 127.0.0.1[127.0.0.1]:10024: Connection refused</a></li>
 </ul>
@@ -22,6 +26,32 @@
 </li>
 </ul>
 </div>
+<h2 id="postfix">Postfix</h2>
+<h3 id="sender-address-rejected-not-owned-by-user-userdomainltd">Sender address rejected: not owned by user user@domain.ltd</h3>
+<p>This error is caused by restriction rule <code>reject_sender_login_mismatch</code> in
+Postfix parameter <code>smtpd_recipient_restrictions</code>, in file <code>/etc/postfix/main.cf</code>:</p>
+<pre><code>smtpd_recipient_restrictions =
+    ...
+    reject_sender_login_mismatch,
+    ...
+</code></pre>
+
+<p>It will reject the request when $smtpd_sender_login_maps specifies an owner
+for the MAIL FROM address, but the client is not (SASL) logged in as that MAIL
+FROM address owner; or when the client is (SASL) logged in, but the client
+login name doesn't own the MAIL FROM address according to $smtpd_sender_login_maps.
+Check <a href="http://www.postfix.org/postconf.5.html#reject_sender_login_mismatch">manual page of Postfix configuration file</a> for more details.</p>
+<p>Removing <code>reject_sender_login_mismatch</code> and restarting Postfix service fixes
+this issue.</p>
+<blockquote>
+<p>If you want to allow some users to send as other users, or allow all users
+to send as their alias addresses, or allow member of mail list/alias to send
+as mail list/alias, you should try iRedAPD plugin <code>reject_sender_login_mismatch</code>
+instead (requires iRedAPD-1.4.4 or later releases).</p>
+<p>Read comments in file <code>/opt/iredapd/plugins/reject_sender_login_mismatch.py</code>,
+then enable it in iRedAPD config file <code>/opt/iredapd/settings.py</code> (<code>plugins =</code>),
+restart iRedAPD service. That's all.</p>
+</blockquote>
 <h2 id="amavisd">Amavisd</h2>
 <h3 id="connect-to-12700112700110024-connection-refused">connect to 127.0.0.1[127.0.0.1]:10024: Connection refused</h3>
 <p>This error means Amavisd service is not running, please try to start it first.</p>

html/index.html

@@ -72,6 +72,7 @@
 <li><a href="sql.per-user.send.receive.restrictions.html">SQL: Per-user inbound and outbound restrictions</a></li>
 <li><a href="store.spamassassin.bayes.in.sql.html">Store SpamAssassin bayes in SQL</a></li>
 <li><a href="use.a.bought.ssl.certificate.html">Use a bought SSL certificate</a></li>
+<li><a href="use.openldap.as.address.book.in.outlook.html">Use OpenLDAP as address book in Microsoft Outlook</a></li>
 </ul>
 <p>Documents contributed by iRedMail users:</p>
 <ul>

html/use.openldap.as.address.book.in.outlook.html

@@ -0,0 +1,40 @@
+<html>
+    <head>
+        <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+        <title>Use OpenLDAP as address book in Microsoft Outlook</title>
+        <link href="./css/markdown.css" rel="stylesheet"></head>
+    </head>
+    <body>
+    
+    <div id="navigation">
+        <a href="http://www.iredmail.org" target="_blank">iRedMail web site</a>
+    
+        // <a href="./index.html">Document Index</a>
+    </div><h1 id="use-openldap-as-address-book-in-microsoft-outlook">Use OpenLDAP as address book in Microsoft Outlook</h1>
+<p>Tested with Outlook 2007:</p>
+<ul>
+<li>on account settings choose address book tabs</li>
+<li>click new</li>
+<li>choose Internet directory service(LDAP)</li>
+<li>insert the servername (for me, i set it to IP of the server)</li>
+<li>checked this " this server requires me to logon"</li>
+<li>Fill the username with --&gt; mail=www@testserver.com,ou=Users,domainName=testserver.com,o=domains,dc=testserver,dc=com, dont forget to insert user passwd</li>
+<li>Click "More Settings"</li>
+<li>Leave by default,</li>
+<li>Click "Search"</li>
+<li>Choose "custom" and insert with --&gt; ou=Users,domainName=testserver.com,o=domains,dc=testserver,dc=com</li>
+<li>Finish</li>
+</ul>
+<p>you need make sure network port 389 (OpenLDAP service) is open on your iRedMail
+server, otherwise, you need config the iptables.</p><p style="text-align: center; color: grey;">Document published under a <a href="http://creativecommons.org/licenses/by-nd/3.0/us/" target="_blank">CC BY-ND 3.0</a> license. If you found something wrong, please do <a href="http://www.iredmail.org/contact.html">contact us</a> to fix it.<!-- Google Analytics -->
+<script type="text/javascript">
+    var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");
+    document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));
+</script>
+<script type="text/javascript">
+    try {
+        var pageTracker = _gat._getTracker("UA-3293801-14");
+        pageTracker._trackPageview();
+    } catch(err) {}
+</script>
+</body></html>