On Wed, Feb 04, 2015 at 06:19:05AM -0300, Hugo Osvaldo Barrera wrote:
> On 2015-02-04 09:31, Gilles Chehade wrote:
> > On Wed, Feb 04, 2015 at 03:51:23AM -0300, Hugo Osvaldo Barrera wrote:
> > > I'm trying to clean up my setup and not have it refer to a system user at all.
> > > I also want to get rid of aliases and simply use a catch all.
> > > 
> > > I currently have:
> > > 
> > >     table catchall { "@" => hugo }  # hugo is a real system user.
> > >     table mydomains { "*.barrera.io", "barrera.io" }
> > >     # [...]
> > >     accept from any for domain <mydomains> virtual <catchall> \
> > >       deliver to mda "/usr/local/libexec/dovecot/dovecot-lda -d [email protected]"
> > > 
> > > Reading the man page and the list a bit, I concluded that this should work:
> > > 
> > >     table catchall { "@" => user } # user does not exist as a system user
> > >     table mydomains { "*.barrera.io", "barrera.io" }
> > >     table myuserbase { user => user:10:100:/tmp }
> > >     # [...]
> > >     accept from any for domain <mydomains> virtual <catchall> userbase <myuserbase> \
> > >       deliver to mda "/usr/local/libexec/dovecot/dovecot-lda -d [email protected]"
> > > 
> > > Alas, it does not. When sending email to [email protected], smtpd returns 451.
> > > I got this with `smtpd -dv`:
> > > 
> > >     debug: aliases_virtual_get: '[email protected]' resolved to 1 nodes
> > >     smtp-in: Failed command on session 58068d7cbc47df70: "RCPT TO:<[email protected]>" => 451 Temporary failure
> > > 
> > > What am I doing wrong? Any hints?
> > > 
> > 
> > This
> > 
> > >     table myuserbase { user => user:10:100:/tmp }
> > 
> > Should read:
> > 
> > >     table myuserbase { user => 10:100:/tmp }
> > 
> 
> That seems to have done it. Is this format missing from the man pages, or did I
> just miss it?
> 

From table(5):

     The userinfo table is a mapping from virtual user names to a set of
     system user ID, group ID and path to home directory.

     A userinfo table looks as follows:

           joe     1000:100:/home/virtual/joe
           jack    1000:100:/home/virtual/jack

     In this example, both joe and jack are virtual users mapped to the local
     system user with UID 1000 and GID 100, but different home directories.
     These directories may contain a forward(5) file.


However, a while (several months, possibly a year) ago, the userbase format
was the one you used, maybe you have an old man page?

> 
> I do get some issues regarding dovecot and its lda now, though I won't go into
> details since it's off topic.
> 
> I am wondering though: as what user is the command from `deliver to mda`
> invoked (in this case: "/usr/local/libexec/dovecot/dovecot-lda").
> 
> Thanks, cheers,
> 

MDA is invoked with the privileges of the end user.

Since recently this can be overridden so that all deliveries take place as
a specific user, people use it for LMTP as far as I know.


-- 
Gilles Chehade

https://www.poolp.org                                          @poolpOrg
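
The format mismatch discussed in this thread can be caught before smtpd answers 451. The following is an added example, not code from the thread or from OpenSMTPD: a small checker that validates inline userbase entries against the `uid:gid:home` layout quoted from table(5) and flags the older `user:uid:gid:home` form. The function names are hypothetical, and it assumes inline tables written as `key => value` pairs, as in the configuration above.

```python
import re

# Inline table declaration as written in the thread's smtpd.conf:
#   table myuserbase { user => 10:100:/tmp }
INLINE_TABLE = re.compile(r'^\s*table\s+(\S+)\s*\{([^}]*)\}', re.M)

def parse_inline_tables(conf):
    """Return {table_name: {key: value}} for inline key => value tables."""
    tables = {}
    for name, body in INLINE_TABLE.findall(conf):
        entries = {}
        for item in body.split(','):
            if '=>' in item:
                key, value = item.split('=>', 1)
                entries[key.strip().strip('"')] = value.strip().strip('"')
        if entries:  # list-style tables such as mydomains are skipped
            tables[name] = entries
    return tables

def check_userinfo(value):
    """Validate one userinfo value against table(5): uid:gid:home."""
    fields = value.split(':')
    if len(fields) == 4 and fields[1].isdigit() and fields[2].isdigit():
        return "legacy format user:uid:gid:home; drop the leading user name"
    if len(fields) != 3:
        return "expected 3 colon-separated fields, got %d" % len(fields)
    uid, gid, home = fields
    if not uid.isdigit() or not gid.isdigit():
        return "uid and gid must be numeric"
    if not home:
        return "home directory is empty"
    return None

def check_userbase(conf, table):
    """Return {virtual_user: problem} for every bad entry in one table."""
    problems = {}
    for user, value in parse_inline_tables(conf).get(table, {}).items():
        problem = check_userinfo(value)
        if problem:
            problems[user] = problem
    return problems

# Constructed sample input: the two myuserbase lines from the thread.
BROKEN = 'table myuserbase { user => user:10:100:/tmp }\n'
FIXED = 'table myuserbase { user => 10:100:/tmp }\n'

if __name__ == "__main__":
    print(check_userbase(BROKEN, "myuserbase"))
    print(check_userbase(FIXED, "myuserbase"))
```

Because the MDA runs with the privileges the userbase entry assigns, a check like this is also a convenient place to review which UID and GID each virtual user maps to.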
