HOWTO: on vacation autoreply with Postfix/LDAP and Gnarwl
Posted by Vide on July 28, 2007
If your users are asking for an autoreply feature when they’re on vacation, and you are currently using postfix as MTA with a LDAP backend for authentication, IMO the best solution is to use Gnarwl and configure it following these simple steps:
- download the most recent Gnarwl’s tarball in a place of choice
- unpack it and install it with
./configure
make
make install
make perm
this will install Gnarwl under /usr/local and do all the dirty work (creating the gnarwl local user for example, check your /etc/passwd ) - edit /usr/local/etc/gnarwl.cfg to look like this:
map_sender $sender
map_receiver $recepient
map_subject $subject
map_field $fullname cn
server your.ldap.server.com
port 389
scope sub
protocol 3
base ou=Users,dc=YOURCOMPANY,dc=com
queryfilter (&(mail=$recepient)(vacationActive=active))
result vacationInfo
blockfiles /usr/local/var/lib/gnarwl/block/
umask 0644
blockexpire 6
mta /usr/sbin/sendmail -t $recepient
maxreceivers 64
maxheader 512
charset ISO8859-15
badheaders /usr/local/var/lib/gnarwl/badheaders.db
blacklist /usr/local/var/lib/gnarwl/blacklist.db
forceheader /usr/local/var/lib/gnarwl/header.txt
forcefooter /usr/local/var/lib/gnarwl/footer.txt
recvheader To Cc
vacationActive and vacationInfo are two attibutes that have to exist in the LDAP schema you’re using for your users. Obviously you can use whatever attribute you prefer, you simple have to literally change the vacationActive/vacationInfo in this config with your own attributes, keeping in mind that vacationActive is used to check if autoreply is enabled or not for that particular user and vacationInfo it’s the text that is being used as a reply (note: you can use CR/LF in it, to obtain a multiline text). The other parameter that deserves a comment is blockexpire: here you can put the amount of time (in hours) during wich an autoreply to the same sender will not be sent. For example, if john@foo.com tries to send a mail to duke@yourcompany.com, he will receive the vacation message. But, as in our config example, john sends another message within 3 hours, he won’t get any message at all. He has to wait 3 more hours to get notified again (blockexpire was set to 6 hours, remember) - as the doc/INSTALL file in Gnarwl says, the quick-and-dirty way to enable Gnarwl in a postfix installation (this is the method I’m using, too :) is to edit /etc/postfix/main.cf and simply add the line
always_bcc=gnarwlThis works by delivering every message to the local gnarwl user (even if you are in a virtual environment), which has a .forward file that pipes everything to the gnarwl binary program, which takes care of everything - Now, the final step: to activate the vacation message for one of your customer, simply edit your LDAP data, add a vacationActive attribute with an “active” value to the user you want, and add vacationInfo with the text you want. That’s all.
For more info and more detailed configuration instructions, please refer to the doc/INSTALL file in your gnarwl tarball.
Nick Celebic said
Thanks for the tip about CR/LF in gnarwl, I hadn’t tried it yet, but checked google for gnarwl and cr. Your blog was the first that came up. Now at least I can code the php interface without thinking it was in vain
vide80 said
Thanks to you for your comment :)
One more thing I’ve noticed while using the autoreply with CR/LF: using PhpLDAPAdmin I can copy&paste multilines text only with Firefox under Linux, it doesn’t work with the Windows version, it pastes only the first line.
Nick Celebic said
I’m coding a PHP frontend this afternoon with a multiline textbox…Not sure if it’s going to work, but I’ll let you know. I’m the sysadmin at an ISP and I’m coding a customer side form. I’ll be damned if I’d modify through ldapadmin for every customer ;)
Nick Celebic said
It does indeed work. An HTML textbox as the input, and modifying the LDAP attribute with it works perfectly.
Darragh Gammell said
Hi
Thanks for the doc. I have found an issue though that I hope you can help with. The always_bcc is processed prior to an alias being resolved to its real mailbox address.
When an email is sent to an alias gnawrl uses the alias name for the ldap lookup and as the alias does not have the vacationActive parameter set it returns no match.
The alias is then resolved to the real mailbox and the mail delivered but no ldap lookup is done against the real mailbox.
hope this make sense and you can help
D
Vide said
Good point! You’re right, this happens to me as weel, but I’ve never discovered it until you pointed it out. So, I have no answer for you right now, I’ll investigate it a bit and I’ll update the post in the case I find a solution.
Thanks for your comment :)
bettwanze said
To address the alias resolving problem I’m using the recipient_bcc_maps option main.cf. The map performs a LDAP lookup which checks for the vacationActive attribute as well as alternate recipients addresses (query_filter). A successful query returns the users mail attribute (result_attribute) . The incoming message is bcc’d to a virtual autoreply.yourdomain subdomain (result_format = %u@autoreply.yourdomain). A postfix transport map (autoreply.yourdomain gnawrl:yourdomain) then forwards the message to gnarwl which is defined as an pipe interface in master.cf. The recipient address to be processed by gnarwl (query_filter) is explicitly set with “-a ${user}@${nexthop}” (argv) in master.cf. In this case the address matches the users mail attribute in LDAP.
I hope this probably short howto is of any help…
Ozzy said
So,
Anybody has written a web interface to update users to set their vacation messages? It will be great to see a download link for such page in this tutorial also..
Vide said
I do have one for our intranet. I’m planning to adapt it a little bit for public consumption and then release it here. It’s just a little dirty PHP script and nothing more, but it works :)
rtv said
Anyone happy to share his frontend now?
Patrick said
“download the most recent Gnarwl’s tarball in a place of choice”
Just wanted to point out, that the most recent version is now v3.4 and it’s hosted at http://www.onyxbits.de/gnarwl
Andy said
Hello all,
I am having trouble with the gnarwl search filter, can anyone help?
I am using the following search criteria:
queryfilter (&(audio=$recepient)(vacationActive=TRUE))
I get the following in the mail.log:
gnarwl[9599]: DEBUG/MAIL Code: 6 MessageID:
gnarwl[9599]: DEBUG/LDAP No match: (audio=temps@autoreply.test.net)
Does anyone know why this occurs?
Christoph said
just in case:
is it the typo in
queryfilter (&(audio=$recepient)(vacationActive=TRUE))
?
Christoph said
hm, strong emphasis is not so strong in my last post :?
you had recEpient, maybe that just doesn’t match the ldap field name …
pyarra said
Regarding the alias issue – you could probably tailor the queryfilter (&(mail=$recepient)(vacationActive=active)) so that is searches for $recipient in mail or also the attribute used for aliases (e.g. I use maildrop). I’m about to try setting up gnarwl with LDAP so I’ll post back how I went. I’m thinking this might work:
(&(|(mail=$recepient)(maildrop=$recipient))(vacationActive=active))
Louis said
Thanks to the howto and the comments on this page (and a lot of head scratching), I managed to get gnarwl working.
I still have a problem though. If I send an email to two adresses that have autoreply active, I only get the autoreply from the first adresse, not both. Anyone else seen this ?
Gabriele said
Hi I have a question, I installed gnarwl v 3.3, every things work well, but I have a problem, when I set the vacation form my the user A, and user B send an email to user A, user B have a bounce with vacation, but user A have bounce too.
It’s possible send bounce only for the user B ???
thanks in advance
Vide said
@Gabriele (and others asking): I think you cannot do this, at least without patching and recompiling gnarwl, AFAIK. I will be happy if proven wrong :)
Darwin said
hello man:
Well I’m tried config postfix, ldap, dovecot and gnarwl but I received some message like as:
fatal: ldap:transport(0,lock|fold_fix): table lookup problem
In my transport file have the next lines:
.autoreply gnarwl:
and at my master.cf file have the next line:
gnarwl unix – n n – – pipe
flags=F user=vmail argv=/usr/local/bin/gnarwl -a ${user}@${nexthop} -s ${sender}
Can you help me ?
Ravi said
Configured an SMTP client for encryption and SASL auth to a relay host but get
the following error
Relay access denied (in reply to RCPT TO command))