On Sat, Sep 01, 2018 at 11:59:20AM -0400, Matt Schwartz wrote: > I am afraid that I am hopelessly confused on the userbase parameter. > If I were to have the following: > > # credentials > user1 <encrypted_password_goes_here> > > # userinfo > # vmail user is 2000 > user1 2000:2000:/var/vmail/user1 > > # virtuals > us...@domain1.com vmail > > [...] > > In theory, shouldn't this deliver email addressed to us...@domain1.com > to /var/vmail/user1/Maildir/new? >
you got the configuration file wrong again, despite having it right with the comment itself: > # vmail user is 2000 > user1 2000:2000:/var/vmail/user1 I'll describe how things work in this mail so it serves as reference for future questions regarding aliases, virtual and userbase: Aliases and virtuals are mutually exclusive features that operate at the same level, converting an e-mail address into a local user. Userbases operate at a lower level, allowing to lookup system details of a local user such as uid, gid and home directory. You don't have to have aliases or virtuals, but you MUST have a userbase which defaults to the system user database when you don't specify one. Aliases and virtuals can be seen as functions that take an e-mail as the input and produce usernames that _MUST_ exist in the underlying userbase as the output, otherwise the recipient will be rejected. The difference between aliases and virtuals is subtle but simple: - aliases assume that all users on the system are allowed to get e-mails and that the user-part of recipient e-mail addresses are the usernames on the system. the mechanism allows you to provide an OPTIONAL list of transformations in case some recipients have user-parts that are not a system user, and it assumes that if no alias is found, then user-parts must be looked up as real usernames. - virtuals assume that users are NOT allowed to get e-mails, unless they are EXPLICITELY allowed on a list. either a transform is found and the recipient is converted into a username, or the recipient is rejected. You can receive e-mail if you're not in the aliases list, if you have an account on the system with a username matching the user-part. You can't receive e-mail if you're not in the virtuals list, EVEN if you have an account matching the user-part. Now with that being said, converting a recipient into a username doesn't help us much if that username doesn't exist for real. We need a uid, gid and a home directory, so no matter if you used aliases, virtuals or none of them, the username behind a recipient must be found in the user base. If I take your example: > # vmail user is 2000 > user1 2000:2000:/var/vmail/user1 > > # virtuals > us...@domain1.com vmail you have resolved us...@domain1.com into the user 'vmail'. then we lookup the user 'vmail' in the userbase and ... nope, not found. Hope it clears it for everyone. -- Gilles Chehade https://www.poolp.org @poolpOrg -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
