Hi,
I'm attempting to set up a mail server that can serve addresses on
several domains. OpenSMTPD works great for a single domain, but I'm
having some trouble with mail on multiple domains.
After some research, it seems one of the common ways of going about this
is to replace the @ sign with an underscore with some fancy query_alias.
To the best of my understanding it goes like this:
[email protected] --virtuals--> user_domain.tld
user_domain.tld --userbase--> (normal userdb info)
and then the mail is delivered to the virtual mail folder. [1] This
works great, but on top of being a somewhat inelegant hack (essentially
tricking OpenSMTPD by replacing the @ with a _), it means all the
aliases (like those listed in /etc/mail/aliases) have to be put into the
database, and there is no recursion (ie, you cannot have an alias
pointing to an alias). I tried to solve this problem in several ways.
First I tried to add the default alias db (/etc/mail/aliases.db), as an
alias to the accept line. The problem with this is that, peeking at
smtpd -d -T lookup, the name lookup goes like this:
[email protected] ----alias---> [email protected]
root --userbase--> ???
Of course, the second line is where it fails, because there is no entry
for just 'root' in the userbase. OpenSMTPD does not pass the domain
along with the user, so the userbase cannot determine which domain it means.
I thought I might try having the server relay aliased mail back to
itself once the alias is resolved, however you cannot relay with an
alias. I then thought I might be able to run the resulting alias through
the virtualusers db, so it would look like this:
[email protected] ----alias---> [email protected]
[email protected] --virtuals--> root_domain.tld
root_domain.tld --userbase--> (normal userdb info)
However, it seems you cannot chain aliases or virtuals like this.
After all this, I think the solution I'm looking for is to have
OpenSMTPD pass the domain to the userdb. This would remove the need for
having a query_alias that replaces @ with _, and would also mean it
would be possible to use aliases.db on multiple domains.
Searching the mailing list archives, I found two similar threads.
Ultimately, both posters resorted to a hack like having a separate
accept line for every single domain, or the aforementioned @ replacement
hack. [2] [3]
Gilles wrote in one of these threads in 2014:
we may want to support email addresses as login, this can be discussed
it was not designed this way to start with because we didn't support
!system auth but this has changed and the use case has come up a few
times
If the developers' position on this has not changed, I would be willing
to submit a patch to add this feature (though I'm not sure of the
optimal way to express to the config file that you want the userdb query
to include the full email address. I'd love some input on this).
Let me know what you guys think, or if you know of any other possible
solutions.
Thanks,
Simon
[1]
https://hugo.barrera.io/journal/2015/02/15/opensmtpd-dovecot-shared-sql-db/
[2] https://www.marc.info/?t=142380133000002
[3] https://www.marc.info/?t=140852408700002
--
You received this mail because you are subscribed to [email protected]
To unsubscribe, send a mail to: [email protected]
