Maybe run 'smtpd -dv -T expand -T lookup -T rules' and see how OpenSMTPD is translating the aliases and which rules it's matching etc.

This is a really helpful command. Maybe using that I can be a bit more precise in defining my confusion.

My simple setup, git pulled and build yesterday:


action "deliver" lmtp "/run/cyrus/socket/lmtp" rcpt-to user lmtpd
match from any for domain "example.com" rcpt-to <musers> action deliver


With "musers" only containing good ole b...@example.com and "lmtpd" being a regular system user. Bob is not known to the system. And shall not.

Now, the man page reads:

user username
Specify the username for performing the delivery, to be looked up with getpwnam(3).

and:

userbase <table>
Use the mapping table for user lookups instead of the getpwnam(3) function.
->The userbase does not apply for the user option.<-

So my "user" attribute is lmtpd, a regular system user. But:

af0267593be5b0a1 smtp connected address=....
expand: 0x5598b9f68328: expand_insert() called for address:b...@example.com[parent=(nil), rule=(nil)]
expand: 0x5598b9f68328: inserted node 0x5598b9f6a020
expand: lka_expand: address: b...@example.com [depth=0]
lookup: match "1.2.3.4" as NETADDR in table static:<anyhost> -> true
lookup: match "example.com" as DOMAIN in table static:<dynamic:0> -> true
lookup: match "b...@example.com" as MAILADDR in table static:musers -> true
rule #1 matched: match from any for domain <dynamic:0> rcpt-to musers action deliver expand: 0x5598b9f68328: expand_insert() called for username:bob[parent=0x5598b9f6a020, rule=0x5598b9f77e30, dispatcher=0x5598b9f79750]
expand: 0x5598b9f68328: inserted node 0x5598b9f6a580

expand: lka_expand: username: bob [depth=1, sameuser=0]
lookup: lookup "bob" as USERINFO in table getpwnam:<getpwnam> -> none
expand: lka_expand: user-part does not match system user
expand: 0x5598b9f68328: clearing expand tree
af0267593be5b0a1 smtp failed-command command="RCPT TO:<b...@example.com>" result="550 Invalid recipient: <b...@example.com>"

The problem is obviously: "lookup "bob" as USERINFO in table getpwnam:<getpwnam> -> none"



Now the local delivery should be done with the user lmtpd, why is user "bob" then looked up at all via USERINFO getpwman, instead of lmtpd, when userinfo shall not be used with the "user" attribute.

Wether "userbase" is invoked via getpwnam or a USERINFO table, should make no difference? It should not be used, when the "user" attribute is being used?

Automagically I should add, I have not defined the userbase parameter anywhere in my config.

Hopefully I've been able to narrow down my lack of comprehention. There is something in the manpage I get wrong.

Thanks

Ede

Reply via email to