Hello world,
I have built a moderately complex software solution involving courier mail server that is being administered from a web application written in Java. Now I need to enhance this system, to allow adding aliases for the existing (local) mail accounts from addresses in virtual mail domains that will be hosted on the same server.

server:
  grupy.engo.pl

example existing accounts (local @ grupy.engo.pl):
  maciek
  ania
  rafal

virtual domains (their MX records will point to grupy.engo.pl):
  pah.grupy.engo.pl
  klon.grupy.engo.pl

desired mail routing:
  [EMAIL PROTECTED] ---> maciek
  [EMAIL PROTECTED] ---> maciek
  [EMAIL PROTECTED] ---> ania

undesired mail routing:
  [EMAIL PROTECTED] -/-> ania
  [EMAIL PROTECTED] -/-> rafal
  [EMAIL PROTECTED] -/-> rafal

A note about authentication: I'm using LDAP authentication, all of the above accounts have an LDAP entry under ou=people,dc=grupy,dc=ngo,dc=pl and do not have a corresponding unix account (only a home directory with delivery instructions and the Maildir).

Here are the options of implementing the above, that I am aware of at this moment. I went through the documentation & configuration files several times but I did little actual testing.

Firstly, I know that I need to put the names of the virtual domains into esmtpacceptmailfor and hosteddomains, but not put them into locals. AFAIK this is the lowest common denominator of all approaches.

1) using ordinary aliases

Courier FAQ, under Q: using virtual domains states that it is possible to use sendmail-style virtual domains with the following alias entry:

  [EMAIL PROTECTED]: maciek

etc. On the other hand, manual page for makehosteddomains contains the following "NOTE that [EMAIL PROTECTED] must be a real account, not a mail alias.". This makes me wonder how would the aforementioned sendmail-style alias work.
My understanding is the following:

- if I put pah.grupy.engo.pl into hosteddomains courier will look for a local mailbox named '[EMAIL PROTECTED]' ignoring aliases altogether, and will fail to deliver the message.
- if I put pah.grupy.engo.pl into locals courier will strip the domain part of the address and deliver the message to local mailbox 'maciek'. So far so good, but it would also deliver mail addressed to [EMAIL PROTECTED] to local mailbox 'rafal', which is undesirable. There is a concept of virtual domain administrator who should have the control which local users have the aliases in that domain and which have not.
- if I don't put pah.grupy.engo.pl into either of these files, courier would try to route that message away, and since the server is declared as the MX for that domain it will declare the message to be undeliverable.

If the sendmail-style aliases really work I'm obviously missing something, I'd mostly appreciate explanations.

2) creating artificial LDAP entries

Since courier would be looking for local account named '[EMAIL PROTECTED]' I could add the following entry to LDAP:

  dn: [EMAIL PROTECTED],ou=people,dc=grupy,dc=ngo,dc=pl
  objectclass: myArtificialUserAccount
  mail: [EMAIL PROTECTED]
  homeDirectory: /usr/lib/courier/vmail/maciek

This solution seems quite simple as I think of it now, but it has a bit of hack flavour to it, and it has the disadvantage of mixing two types of entries in the ou=people context.

3) Using LDAP email map

suppose I create the following LDAP entries:

  dn: ou=virtual domains,dc=grupy,dc=ngo,dc=pl
  objectclass: organizationalUnit
  ou: virtual domains

  dn: domain=pah.grupy.engo.pl,ou=virtual domains,dc=grupy,dc=ngo,dc=pl
  objectclass: myVirtualDomain
  domain: pah.grupy.engo.pl

  dn: mail=maciek,domain=pah.grupy.engo.pl,ou=virtual domains,dc=grupy,dc=ngo,dc=pl
  objectclass: myVirtualAccount
  mail: maciek
  uid: maciek

etc.
and Maciek has the following entry under ou=people

  dn: uid=maciek,ou=people,dc=grupy,dc=ngo,dc=pl
  objectClass: myMailAccount
  uid: maciek
  cn: Maciej Kulawski
  homeDirectory: /var/lib/courier/vmail/maciek
  cryptPassword: ....
  mail: maciek

the configuration of LDAP email map would be the following:

  LDAP_EMAILMAP = (&(mail=@user@)(domain=@realm@))
  LDAP_EMAILMAP_BASEDN = ou=virtual domains,dc=grupy,dc=ngo,dc=pl
  LDAP_EMAILMAP_ATTRIBUTE = uid
  LDAP_EMAILMAP_MAIL = uid

This solution seems simple enough, but unfortunately the server that is running the system is running Debian stable (woody) and it contains courier 0.37.3 that doesn't have the LDAP email map functionality. I reckon that it would be possible to upgrade courier on that server to the 0.40.2 from Debian unstable (sid), but I'd prefer to avoid that, in case that some changes in courier break something in my integration layer (the system is live and has a few hundreds of accounts now).

4) using qmail style virtual domains

I could create aliases like

  @pah.grupy.engo.pl: domains_pah

And try to route messages from that mailbox using maildrop & gdbm. This is not a favourable solution for me, because I would have to learn maildrop script syntax, and manipulate the Berkeley DB files from Java (need to research for tools etc.)

Any solution that is based on accessing LDAP, plaintext files and running shell scripts is preferred.

I'd be most grateful for opinions on the solutions described above, experiences with implementing these, and suggestions of other solutions.

Thanks in advance!
Rafal.
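Added example, not part of the original post and not Courier code: a small Python model of the two routing behaviours the message compares, listing the virtual domains in locals versus resolving through a per-domain email map (option 3). The function names are hypothetical, and the alias assignments in EMAIL_MAP and the sample addresses are constructed, since the addresses in the post are redacted.

```python
"""Model of the routing choices weighed in the post (not Courier code)."""
LOCAL_DOMAIN = "grupy.engo.pl"
LOCAL_ACCOUNTS = {"maciek", "ania", "rafal"}          # from the post
HOSTED = {"pah.grupy.engo.pl", "klon.grupy.engo.pl"}  # from the post

# Constructed stand-in for the entries under "ou=virtual domains":
# (domain, mail) -> uid. Which user has which alias is an assumption.
EMAIL_MAP = {
    ("pah.grupy.engo.pl", "maciek"): "maciek",
    ("klon.grupy.engo.pl", "maciek"): "maciek",
    ("klon.grupy.engo.pl", "ania"): "ania",
}

def split_address(address):
    """Split on the last '@' and normalise case; reject malformed input."""
    user, sep, realm = address.strip().rpartition("@")
    if not sep or not user or not realm:
        raise ValueError(f"not a user@domain address: {address!r}")
    return user.lower(), realm.lower()

def route_with_locals(address):
    """Virtual domains listed in 'locals': the domain part is stripped,
    so every local account is reachable in every virtual domain."""
    user, realm = split_address(address)
    if realm == LOCAL_DOMAIN or realm in HOSTED:
        return user if user in LOCAL_ACCOUNTS else None
    return None

def route_with_email_map(address):
    """Option 3: a virtual address resolves only if an entry matches both
    mail=@user@ and domain=@realm@; the uid must be a real local account."""
    user, realm = split_address(address)
    if realm == LOCAL_DOMAIN:
        return user if user in LOCAL_ACCOUNTS else None
    uid = EMAIL_MAP.get((realm, user))
    return uid if uid in LOCAL_ACCOUNTS else None

def over_delivered(addresses):
    """Addresses that 'locals' would deliver but the map would refuse."""
    return [a for a in addresses
            if route_with_locals(a) and not route_with_email_map(a)]

SAMPLE = ["maciek@pah.grupy.engo.pl", "ania@klon.grupy.engo.pl",
          "rafal@pah.grupy.engo.pl", "ania@pah.grupy.engo.pl",
          "rafal@grupy.engo.pl"]

if __name__ == "__main__":
    for addr in SAMPLE:
        print(addr, route_with_locals(addr), route_with_email_map(addr))
```

Running over_delivered on a list of candidate addresses gives the set a virtual domain administrator would not have approved but the locals approach would still deliver.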
