Multiple emails - single account?

ugah · December 8, 2020, 2:22pm

Hi,

We have a RT system plugged into the central ldap server. When a user opens a ticket by email, the system looks up the account in the ldap and creates an account for that user with the uid.

The problem is our users often have several emails in totally different mail domains with also generally completely different left hand parts in the system and if they write using another of their emails the system identifies that the uid is already associated with another email and rejects their message with the error ‘You do not have permission to communicate with RT’.

Is there a way to allow a user account in RT to be associated with multiple totally different emails ? If so, could you point me to the part of the documentation / blog / discussion which explains how to this?

I’m not the RT admin, I have no access on the server. I only take tickets on it and solve user issues. But this problem occurs quite frequently and users have taken to writing to me personally rather than opening tickets now, defeating the object of having an RT instance in the first place…

I’ve had a quick look through the documentation but there is a lot of it and not having done the setup / configuration and not having access to the server makes it hard for me to figure out where to look for answers.

The closest I’ve come to is using:

CanonicalizeEmailAddressMatch
CanonicalizeEmailAddressReplace
CanonicalizeOnCreate

in RT_SiteConfig.pm as suggested here but as for other users, we have no consistent part of the email which we can use for canonicalization, only the uid from ldap.

We would also need to be able to merge the accounts upon message reception so as to avoid the rejection message, so I’m not sure RT-Extension-MergeUsers, as suggested here would work?

I also don’t really have the time to install and test my own RT instance in order to learn how it works and how to do this (too many tickets to take ). If you can point me in the right direction that would be great.

Thanks!

knation · December 8, 2020, 2:34pm

I think you’d need some admin access to the server to write a bit of code to get this to work. Basically off the top of my head I believe you could create a mail plugin for RT that checks the incoming address against some users.

Maybe a custom field on the user record lists other associated email addresses?

The other option that you pointed out is merging the users as they are created, but depending on your rights schema they still will get that “no permission” response when they first email in

GreenJimll · December 8, 2020, 3:58pm

Another option is to make it not RT’s problem: get the MTA that is feeding the emails into RT to canonicalize the incoming email address to a single “true” value for each user. That would mean that the Mail Transfer Agent (MTA) would have to talk to your LDAP server, but MTAs such as Exim and Postfix can do that. You’d need your local server admin to deal with this though - MTA configs are often very localised and so difficult for random people on Internet forums to help you debug! Also as you say you’re not the RT admin or server admin, I assume you’re possibly also not the local mail system admin either? What you’re asking is going to need at least one of those admins (RT, server or mail) to do some serious tweaking.

ugah · December 8, 2020, 4:00pm

Hi @knation,

OK, thanks for the advice. I don’t think I will (or want to, for that matter ) be admin on the production RT server, I’ll see if I can find the time to set up my own test machine.

If I make any breakthrough, I’ll be sure to come and brag share my experience here

Jeff_Voskamp · December 11, 2020, 2:00am

Try https://metacpan.org/pod/RT::Extension::LDAPImport::MultiEmail