On Thu, 12 Feb 2015 19:18:45 -0800, Josh Kunz <[email protected]> wrote:
> I'm trying to run an OpenSMTPd + dovecot setup for two separate
> domains. I'd like to be able to assign passwords based on the user and
> the domain part of the address, and using actual email addresses as the
> user names helps with integrating with dovecot.
>
> I can create a userbase table where the user field is a standard email
> address, but since OpenSMTPd is only matching against the userbase using
> the user part of the address the userbase alone doesn't work. I thought
> that using a virtual user map might work, but since the user names on
> the right hand side of the table are valid email addresses it triggers a
> circular lookup.
>
> Is there any way I can users whose names are addresses?

Yes you can. Granted, this is really more of a dovecot question, but since
I had to figure out how to do the same thing on my own, and dovecot is in
my opinion a natural companion to OpenSMTPD, I'm happy to help.
The process is basically this:
* Add a system account (and group) for a user called 'email' that will
serve as the 'virtual mail' user with a (completely arbitrarily chosen)
home directory of /var/vmaildir
* Configure OpenSMTPD to deliver emails in Maildir format to that directory
* Configure Dovecot to look in that same directory for email and
authenticate IMAP/POP users against a plain text file containing usernames
in the format [email protected] and corresponding passwords
Now for the relevant lines and changes in config files
/etc/passwd
-----------
email:7200::::::/var/vmaildir:nologin:
/etc/group
----------
email:*:7200:
/etc/mail/smtpd.conf
--------------------
table vdoms "/etc/mail/vdoms"
table vusers "/etc/mail/vusers"
accept from any for domain <vdoms> virtual <vusers> deliver to maildir "/var/vmaildir/%{dest.domain:lowercase}/%{dest.user:lowercase|strip}/mail/"
/etc/dovecot/conf.d/10-auth.conf
--------------------------------
auth_mechanisms = plain
!include auth-passwdfile.conf.ext
/etc/dovecot/conf.d/10-mail.conf
--------------------------------
mail_home = /var/vmaildir/%d/%n
mail_location = maildir:~/mail
namespace inbox {
  inbox = yes
}
mail_uid = email
mail_gid = email
/etc/dovecot/conf.d/auth-passwdfile.conf.ext
--------------------------------------------
passdb {
  driver = passwd-file
  args = scheme=CRYPT username_format=%n /etc/dovecot/userdb/%d
}
userdb {
  driver = passwd-file
  args = username_format=%n /etc/dovecot/userdb/%d
  # Default fields that can be overridden by passwd-file
  default_fields = uid=email gid=email
}
/etc/dovecot/userdb/domain1.tld
-------------------------------
joeuser:{SHA512-CRYPT}pwhash-gobbletygook::::/var/vmaildir/domain1.tld/joeuser:/bin/nologin
billybobuser:{SHA512-CRYPT}pwhash-gobbletygook::::/var/vmaildir/domain1.tld/billybobuser:/bin/nologin
/etc/dovecot/userdb/domain2.tld
-------------------------------
sallyuser:{SHA512-CRYPT}pwhash-gobbletygook::::/var/vmaildir/domain2.tld/sallyuser:/bin/nologin
Generate the SHA512-CRYPT pw hash string for each user with this command
doveadm pw -s SHA512-CRYPT -p "superpassword"
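
The layout in the message above only works if the home field of each passwd-file entry, and with it Dovecot's maildir:~/mail, points at the directory the OpenSMTPD rule delivers to. As an added example (not part of the original message and not code from either project), this Python check audits one per-domain file for that and for the hash scheme; the function names and sample entries are constructed, and strip is assumed to drop a "+tag" using the default delimiter.

```python
import re

VMAIL_ROOT = "/var/vmaildir"  # home directory chosen in the message
# Hashes from `doveadm pw -s SHA512-CRYPT` look like {SHA512-CRYPT}$6$salt$hash
HASH_RE = re.compile(r"^\{SHA512-CRYPT\}\$6\$[^$]+\$.+")

def smtpd_maildir(address):
    """Directory the smtpd.conf rule delivers to for this recipient."""
    user, _, domain = address.rpartition("@")
    # Assumption: the strip modifier drops a "+tag" (default delimiter).
    user = user.lower().split("+", 1)[0]
    return f"{VMAIL_ROOT}/{domain.lower()}/{user}/mail"

def dovecot_maildir(home):
    """mail_location = maildir:~/mail, where ~ is the user's home."""
    return home.rstrip("/") + "/mail"

def audit_passwd_file(domain, text):
    """Return (user, problem) pairs for one /etc/dovecot/userdb/<domain> file."""
    problems = []
    for lineno, line in enumerate(text.splitlines(), 1):
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) < 7:
            problems.append((f"line {lineno}", "fewer than 7 fields"))
            continue
        user, pw, home = fields[0], fields[1], fields[5]
        if not HASH_RE.match(pw):
            problems.append((user, "password is not a SHA512-CRYPT hash"))
        if dovecot_maildir(home) != smtpd_maildir(f"{user}@{domain}"):
            problems.append((user, "home differs from OpenSMTPD delivery path"))
    return problems

# Constructed sample file contents (salts and hashes are placeholders).
SAMPLE = """\
joeuser:{SHA512-CRYPT}$6$salt$hash::::/var/vmaildir/domain1.tld/joeuser:/bin/nologin
BillyBob:{SHA512-CRYPT}$6$salt$hash::::/var/vmaildir/domain1.tld/BillyBob:/bin/nologin
sally:{PLAIN}superpassword::::/var/vmaildir/domain1.tld/sally:/bin/nologin
"""

if __name__ == "__main__":
    for user, problem in audit_passwd_file("domain1.tld", SAMPLE):
        print(f"{user}: {problem}")
```

When generating the real hashes, running doveadm pw -s SHA512-CRYPT without -p prompts for the password, which keeps it out of shell history and the process list.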