Thanks for your reply. I hadn't thought of using OpenSMTPd as the MDA; I kept trying to get the usernames to work over LMTP to dovecot. Since I need the sieve support from dovecot, I'll probably modify this solution to use the dovecot lda, but it's definitely put me on the right track.

Under this setup though, users would still have to use a "bare" username, and wouldn't be able to sign in using something like <name>@<domain> as their username, which isn't ideal. Is there any way to make OpenSMTPd match the user against the entire address rather than just the user part?

Thanks,
Josh Kunz

On 2/12/15 10:20 PM, Seth wrote:
On Thu, 12 Feb 2015 19:18:45 -0800, Josh Kunz <[email protected]> wrote:
I'm trying to run an OpenSMTPd + dovecot setup for two separate
domains. I'd like to be able to assign passwords based on the user and
the domain part of the address, and using actual email addresses as
the user names helps with integrating with dovecot.

I can create a userbase table where the user field is a standard email
address, but since OpenSMTPd is only matching against the userbase
using the user part of the address the userbase alone doesn't work. I
thought that using a virtual user map might work, but since the user
names on the right hand side of the table are valid email addresses it
triggers a circular lookup.

Is there any way I can have users whose names are addresses?

Yes you can. Granted, this is really more of a dovecot question, but
since I had to figure out how to do the same thing on my own, and
dovecot is in my opinion a natural companion to OpenSMTPD, I'm happy to
help.

The process is basically this:

* Add a system account (and group) for a user called 'email' that will
serve as the 'virtual mail' user with a (completely arbitrarily chosen)
home directory of /var/vmaildir
* Configure OpenSMTPD to deliver emails in Maildir format to that directory
* Configure Dovecot to look in that same directory for email and
authenticate IMAP/POP users against a plain text file containing
usernames in the format [email protected] and corresponding passwords

Now for the relevant lines and changes in config files

/etc/passwd
-----------
email:7200::::::/var/vmaildir:nologin:

/etc/group
----------
email:*:7200:

/etc/mail/smtpd.conf
--------------------
table vdoms             "/etc/mail/vdoms"
table vusers            "/etc/mail/vusers"

accept from any for domain <vdoms> virtual <vusers> deliver to maildir "/var/vmaildir/%{dest.domain:lowercase}/%{dest.user:lowercase|strip}/mail/"

/etc/dovecot/conf.d/10-auth.conf
--------------------------------
auth_mechanisms = plain
!include auth-passwdfile.conf.ext

/etc/dovecot/conf.d/10-mail.conf
--------------------------------
mail_home = /var/vmaildir/%d/%n
mail_location = maildir:~/mail
namespace inbox {
   inbox = yes
}
mail_uid = email
mail_gid = email

/etc/dovecot/conf.d/auth-passwdfile.conf.ext
--------------------------------------------
passdb {
   driver = passwd-file
   args = scheme=CRYPT username_format=%n /etc/dovecot/userdb/%d
}
userdb {
   driver = passwd-file
   args = username_format=%n /etc/dovecot/userdb/%d
   # Default fields that can be overridden by passwd-file
   default_fields = uid=email gid=email
}

/etc/dovecot/userdb/domain1.tld
-------------------------------
joeuser:{SHA512-CRYPT}pwhash-gobbletygook::::/var/vmaildir/domain1.tld/joeuser:/bin/nologin
billybobuser:{SHA512-CRYPT}pwhash-gobbletygook::::/var/vmaildir/domain1.tld/billybobuser:/bin/nologin

/etc/dovecot/userdb/domain2.tld
-------------------------------
sallyuser:{SHA512-CRYPT}pwhash-gobbletygook::::/var/vmaildir/domain2.tld/sallyuser:/bin/nologin

Generate the SHA512-CRYPT pw hash string for each user with this command

doveadm pw -s SHA512-CRYPT -p "superpassword"
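
Added example, not part of the original thread or of either project's code: a small audit of the per-domain passwd-files described above, checking that each entry's home directory is the same path the smtpd.conf maildir rule delivers to and that the stored password is a SHA512-CRYPT hash. The function names, the SAFE character set and the lowercasing of logins are assumptions made for the example; the sample entries are constructed.

```python
import re

VMAIL_ROOT = "/var/vmaildir"           # maildir root used in the thread's configs
SAFE = re.compile(r"^[a-z0-9][a-z0-9._-]*$")  # assumption: conservative charset

def split_login(login):
    """Split 'user@domain' into the parts Dovecot exposes as %n and %d."""
    user, sep, domain = login.lower().rpartition("@")
    if not sep or not user or not domain:
        raise ValueError("login must look like user@domain")
    return user, domain

def expected_home(user, domain):
    """Directory that the smtpd.conf maildir rule and mail_home both resolve to."""
    for part in (user, domain):
        if not SAFE.match(part) or ".." in part:
            raise ValueError(f"unsafe path component: {part!r}")
    return f"{VMAIL_ROOT}/{domain}/{user}"

def audit_userdb(domain, text):
    """Return (username, problem) pairs for one /etc/dovecot/userdb/<domain> file."""
    problems = []
    for line in filter(str.strip, text.splitlines()):
        fields = line.split(":")
        if len(fields) < 7:
            problems.append((fields[0], "too few fields"))
            continue
        user, pw, home = fields[0], fields[1], fields[5]
        if user != user.lower():
            problems.append((user, "username not lowercase, delivery path is"))
        if not pw.startswith("{SHA512-CRYPT}$6$"):
            problems.append((user, "password is not a SHA512-CRYPT hash"))
        try:
            if home != expected_home(user.lower(), domain):
                problems.append((user, "home differs from delivery path"))
        except ValueError as exc:
            problems.append((user, str(exc)))
    return problems

# Constructed sample entries; the hash bodies are placeholders, not real hashes.
SAMPLE = """\
joeuser:{SHA512-CRYPT}$6$placeholder::::/var/vmaildir/domain1.tld/joeuser:/bin/nologin
BillyBob:{SHA512-CRYPT}$6$placeholder::::/var/vmaildir/domain1.tld/BillyBob:/bin/nologin
mallory:{PLAIN}hunter2::::/var/vmaildir/domain2.tld/mallory:/bin/nologin
"""

if __name__ == "__main__":
    for user, problem in audit_userdb("domain1.tld", SAMPLE):
        print(f"{user}: {problem}")
```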

