2026-03-24 07:55:28 +01:00

Stalwart Mailserver

Stalwart Mailserver is a production-ready, full-stack but simple mail server (SMTP, JMAP, IMAP, Sieve, LDAP, Antispam, Antivirus, etc.) written in Rust.

To integrate with LLDAP:

  1. Create a "manager" user and add it to the lldap_strict_readonly group so that it has bind permission.

  2. Create a "mail" group and add the users who require email access.

  3. Add the following LDAP settings to your Stalwart config.toml.

Sample config.toml (LDAP portion only)

[storage]
  directory = "ldap"

[directory]
  [directory.ldap]
    base-dn = "dc=example,dc=org"
    timeout = "30s"
    type = "ldap"
    url = "ldap://ldap.domain.example.org:3890"
    [directory.ldap.attributes]
      class = "objectClass"
      email = "mail"
      groups = "member"
      name = "uid"
      secret = "dummyStalwartSecret"
      [directory.ldap.attributes.description]
        0 = "displayName"
    [directory.ldap.bind]
      dn = "uid=manager,ou=people,dc=example,dc=org"
      secret = "<YOUR_MANAGER_PASSWORD>"
      [directory.ldap.bind.auth]
        dn = "uid=?,ou=people,dc=example,dc=org"
        enable = true
        search = true
      [directory.ldap.bind.filter]
        email = "(&(|(objectClass=person)(member=cn=mail,ou=groups,dc=example,dc=org))(mail=?))"
        name = "(&(|(objectClass=person)(member=cn=mail,ou=groups,dc=example,dc=org))(uid=?))"
    [directory.ldap.cache]
      entries = 500
    [directory.ldap.filter]
      email = "(&(objectclass=person)(mail=?))"
      name = "(&(objectclass=person)(uid=?))"
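    [directory.ldap.tls]
      # TLS is off in this sample and the URL above uses ldap://, so bind
      # passwords (including the manager's) are sent unencrypted.
      # allow-invalid-certs = true skips certificate validation when TLS is enabled.
      allow-invalid-certs = true
      enable = false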

Email alias

If you want to enable email aliases, you have to create a new user-defined attribute of type string under the User schema. Currently, LLDAP doesn't support multi-value filters, so if you want multiple aliases you will have to create multiple attributes (mailAlias1, mailAlias2, ..., mailAliasN), where N is the maximum number of aliases an account will have.

You also need to change your LDAP filter for emails.

[directory.ldap.filter]
# Add one clause per alias attribute you created (example: mailAlias1..mailAlias3)
email = "(&(objectclass=person)(|(mail=?)(mailAlias1=?)(mailAlias2=?)(mailAlias3=?)))"
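
The bind filter and the alias filter above, evaluated against two constructed directory entries; this is an added example, not part of the LLDAP or Stalwart documentation. It is a minimal evaluator for AND, OR and equality filters only. The entries and STRICT_NAME are hypothetical, and group membership is modelled as a "member" value on the user entry because that is how the page's filter is written. It shows that the OR in the bind filter matches any person entry, whether or not it is in the mail group.

```python
import re

def escape(value):
    """RFC 4515 escaping, so a login value cannot change the filter's structure."""
    return "".join("\\%02x" % ord(c) if c in "\\*()\0" else c for c in value)

def parse(f, i=0):
    """Parse the filter that starts at f[i] == '('; return (node, next_index)."""
    if f[i + 1] in "&|":
        op, i, kids = f[i + 1], i + 2, []
        while f[i] == "(":
            kid, i = parse(f, i)
            kids.append(kid)
        return (op, kids), i + 1  # step over the closing ')'
    end = f.index(")", i)
    attr, val = f[i + 1:end].split("=", 1)  # a DN value contains '=' itself
    val = re.sub(r"\\([0-9a-fA-F]{2})", lambda m: chr(int(m.group(1), 16)), val)
    return ("=", attr.lower(), val.lower()), end + 1

def evaluate(node, entry):
    """Evaluate AND / OR / equality nodes; matching is case-insensitive."""
    if node[0] == "&":
        return all(evaluate(k, entry) for k in node[1])
    if node[0] == "|":
        return any(evaluate(k, entry) for k in node[1])
    return node[2] in (v.lower() for v in entry.get(node[1], []))

def matches(template, value, entry):
    """Substitute the escaped value for every '?' and test one entry."""
    node, _ = parse(template.replace("?", escape(value)))
    return evaluate(node, entry)

# Filters copied from the page
BIND_NAME = "(&(|(objectClass=person)(member=cn=mail,ou=groups,dc=example,dc=org))(uid=?))"
ALIAS_EMAIL = "(&(objectclass=person)(|(mail=?)(mailAlias1=?)(mailAlias2=?)(mailAlias3=?)))"
# Hypothetical AND variant for comparison only (not from the page, untested with Stalwart)
STRICT_NAME = "(&(objectClass=person)(member=cn=mail,ou=groups,dc=example,dc=org)(uid=?))"

# Constructed entries; attribute names are lower-cased keys
GROUP = "cn=mail,ou=groups,dc=example,dc=org"
alice = {"objectclass": ["person"], "uid": ["alice"], "mail": ["alice@example.org"],
         "member": [GROUP], "mailalias2": ["sales@example.org"]}
bob = {"objectclass": ["person"], "uid": ["bob"], "mail": ["bob@example.org"]}

if __name__ == "__main__":
    print("bob, page bind filter:", matches(BIND_NAME, "bob", bob))      # OR admits him
    print("bob, AND variant:     ", matches(STRICT_NAME, "bob", bob))
    print("alias lookup -> alice:", matches(ALIAS_EMAIL, "sales@example.org", alice))
```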