On Fri, Aug 30, 2019 at 11:14:37PM -0500, Edgar Pettijohn wrote:
> On Fri, Aug 30, 2019 at 05:00:24PM +0200, Ede Wolf wrote:
> > Hello,
> >
> >
>
> Semi complete example at the bottom. I'll leave it to you to reverse translate
> to the old syntax. I didn't notice till after I was done and am too lazy to
> change it. :) Also noticed while re-reading smtpd.conf(5) there is a `user'
> keyword that can be used in an action:
>
>      user username
>              Specify the username for performing the delivery, to be
>              looked up with getpwnam(3).
>
>              This is used for virtual hosting where a single username
>              is in charge of handling delivery for all virtual users.
>
>              This option is not usable with the mbox delivery method.
>
> Not sure if it's available in whichever version you are using, but may make
> things easier enough to warrant an upgrade.
>
> > While trying to learn opensmtpd, amongst other things I am struggling with
> > the virtual user handling - for a non virtual domain setup.
> >
> > From what I have been able to understand so far it seems, as if there is no
> > way to deliver mails to a lmtp socket, if there is not at least some
> > reference/mapping to a system user?
> >
> > accept from any for domain "example.com" recipient <vusers> alias <aliases>
> > deliver to lmtp "/run/cyrus/lmtp" rcpt-to as nobody
> >
> > where vusers contains:
>
> vusers would need to be `key => value' pairs
>
> > b...@example.com
>
> This is a list. More suitable for a vdomains table.
> >
> > However, despite being listed in vusers, when trying to send a mail to bob,
> > it gets rejected with "550 Invalid recipient". Creating a system user "bob"
> > makes it work. But then I do not need the vusers table, so I am wondering,
> > is it possible to get along without the need for a system user?
> > Now the man page mentions a userbase parameter, and I assume, the according
> > table has to be in the format of the userinfo table mentioned in tables(5)?
> > What then effectively again refers to a system user - just with a mapping in
> > between.
> >
> > My attempts with a single userlist instead so far either resulted in a
> > 'invalid use of table "susers" as USERBASE parameter' or simply a syntax
> > error.
> >
> > Is that assumption correct? Is there no way of keeping virtual users
> > completely off the system or did I get something terribly wrong? Even when
> > not using mbox/Maildir at all, where this requirement could make sense?
> >
>
> They are off the system, but some real user has to own the mailbox, etc...
>
> > And since user filtering will eventually be done at an earlier stage, I
> > would like smtpd to be able to unconditionally forward any mail unaltered
> > (except aliases) to the lmtp socket.
> >
> > So, in addition to bob@example as for the tests com I would like to be able
> > to use *@example.com or just example.com to not do any user checking at all.
> > Depending on the syntax requirements.
> >
> > Is it possible to deactivate the user checking one way or the other?
>
> you could use a catchall
>
> /etc/mail/vusers
>
> @ catchall
> >
> > Thanks for any insight or heads up on what I may have missed or
> > misunderstood.
> >
> >
> > Ede
> >
>
> groupadd -g 5000 vmail
> useradd -g vmail -u 5000 vmail -d /var/vmail -m
> chown -R vmail.vmail /var/vmail
>
> /etc/mail/userinfo
>
> bob 5000:5000:/var/vmail/bob
>
> /etc/mail/vusers
>
> b...@example.com bob
>
> /etc/mail/smtpd.conf snippet
>
> action "a01" lmtp "/var/cyrus/lmtp" rcpt-to userbase <userinfo> virtual <vusers>
> # may need to finesse the above. I'm not using cyrus or userbase table, so not 100 percent
> # sure if it will work as is.
>
> match from all for domain <domains> action "a01"

Another option (that I use):

/etc/mail/vusers

b...@example.com vmail

action "a01" lmtp "/var/cyrus/lmtp" rcpt-to virtual <vusers>
match from all for domain <domains> action "a01"

No need for the userbase. I'm not really sure where a userbase table comes into
play. Maybe someone out there using it can provide an example use case.

>
> it sorta works...
> deathstar$ telnet localhost 25
> Trying 127.0.0.1...
> Connected to localhost.
> Escape character is '^]'.
> 220 deathstar.my.domain ESMTP OpenSMTPD
> ehlo p.com
> 250-deathstar.my.domain Hello p.com [127.0.0.1], pleased to meet you
> 250-8BITMIME
> 250-ENHANCEDSTATUSCODES
> 250-SIZE 36700160
> 250-DSN
> 250 HELP
> mail from:<me>
> 250 2.0.0 Ok
> rcpt to:<bob>
> 250 2.1.5 Destination address valid: Recipient ok
> data
> 354 Enter mail, end with "." on a line by itself
> to: u
> from: me
>
> hi bob.
>
> .
> 250 2.0.0 0a7d910f Message accepted for delivery
>
> a19e5552f2afe6dc smtp connected address=127.0.0.1 host=localhost
> debug: aliases_virtual_get: 'bob' resolved to 1 nodes
> debug: aliases_virtual_get: 'bob' resolved to 1 nodes
> warn: smtpd: parent_forward_open: /var/mail/bob: No such file or directory
> smtp: 0x1903053fd000: fd 13 from queue
> smtp: 0x1903053fd000: message fd 13
> smtp: 0x1903053fd000: message begin
> debug: 0x19034b71f000: adding Date
> debug: 0x19034b71f000: adding Message-ID
> debug: 0x1903053fd000: end of message, error=0
> a19e5552f2afe6dc smtp message msgid=0a7d910f size=335 nrcpt=1 proto=ESMTP
> a19e5552f2afe6dc smtp envelope evpid=0a7d910fa2469b23 from=<m...@deathstar.my.domain> to=<b...@deathstar.my.domain>
> debug: scheduler: evp:0a7d910fa2469b23 scheduled (mda)
> mda: new user a19e5554bded3360 for "userinfo:bob" delivering as "root"
> debug: lka: userinfo userinfo:bob
> debug: mda: new session a19e555520bf2fa5 for user "userinfo:bob" evpid 0a7d910fa2469b23
> debug: mda: no more envelope for "userinfo:bob"
> debug: mda: got message fd 13 for session a19e555520bf2fa5 evpid 0a7d910fa2469b23
> debug: mda: querying mda fd for session a19e555520bf2fa5 evpid 0a7d910fa2469b23
> debug: smtpd: forking mda for session a19e555520bf2fa5: bob as root
> debug: mda: got mda fd 14 for session a19e555520bf2fa5 evpid 0a7d910fa2469b23
> debug: mda: end-of-file for session a19e555520bf2fa5 evpid 0a7d910fa2469b23
> debug: mda: all data sent for session a19e555520bf2fa5 evpid 0a7d910fa2469b23
> debug: smtpd: mda process done for session a19e555520bf2fa5: exited abnormally
> a19e5554bded3360 mda delivery evpid=0a7d910fa2469b23 from=<m...@deathstar.my.domain> to=<b...@deathstar.my.domain> rcpt=<b...@deathstar.my.domain> user=bob delay=16s result=PermFail stat=Error ("mail.local: unknown name: bob")
> debug: mda: session a19e555520bf2fa5 done
> debug: mda: user "bob" becomes runnable
> debug: mda: all done for user "userinfo:bob"
>
> So probably don't want to use mail.local to deliver the message or make sure
> /var/mail/bob exists in this particular example.
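
A table lint for the points raised in this thread (a virtual table needs key/value pairs, a userinfo entry is uid:gid:home, and `@` is a catch-all), as an added example that is not part of the original messages or of OpenSMTPD. The function names, the sample tables and the root uid/gid check are assumptions made for illustration.

```python
# Added example: lint OpenSMTPD virtual/userinfo tables before loading them.
# Table contents below are constructed sample data, not taken from a real host.

def parse_table(text):
    """Yield (lineno, key, value) for each entry; value is None for a bare key."""
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        yield n, parts[0], (parts[1].strip() if len(parts) == 2 else None)


def lint(vusers, userinfo=None):
    """Return a list of findings for a virtual table and an optional userbase."""
    findings, base = [], {}
    for n, key, val in parse_table(userinfo or ""):
        fields = (val or "").split(":")
        if len(fields) != 3 or not (fields[0].isdigit() and fields[1].isdigit()):
            findings.append(f"userinfo:{n}: {key}: expected uid:gid:home")
            continue
        uid, gid, home = int(fields[0]), int(fields[1]), fields[2]
        if uid == 0 or gid == 0:  # assumed policy: virtual mail never owned by root
            findings.append(f"userinfo:{n}: {key}: maps to root uid/gid")
        if not home.startswith("/"):
            findings.append(f"userinfo:{n}: {key}: home is not an absolute path")
        base[key] = (uid, gid, home)
    for n, key, val in parse_table(vusers):
        if val is None:  # a list entry, as in the table from the question
            findings.append(f"vusers:{n}: {key}: bare key, needs 'key value'")
            continue
        if key == "@":
            findings.append(f"vusers:{n}: catch-all accepts every recipient")
        for target in [t.strip() for t in val.split(",")]:
            if userinfo is not None and target not in base:
                findings.append(f"vusers:{n}: {key}: '{target}' missing from userinfo")
    return findings


# Constructed samples: the list-style table from the question, then a key/value pair.
LIST_STYLE = "bob@example.com\n"
VUSERS = "bob@example.com bob\n@ catchall\n"
USERINFO = "bob 5000:5000:/var/vmail/bob\ncatchall 0:0:/root\n"

if __name__ == "__main__":
    for finding in lint(LIST_STYLE) + lint(VUSERS, USERINFO):
        print(finding)
```

Passing `userinfo=None` skips the userbase cross-check, which matches the second setup in the thread where every address maps straight to the `vmail` system user.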