Re: Virtual User handling

Fri, 06 Sep 2019 09:40:57 -0700

Side note. While I would still like to understand, what I am misunderstanding, practically, I've had some more success with using a virtual catchall table, as recommended before by Edgar. However, there is still one local error I do not yet comprehend:
"Error being: stat=Error (temporary failure: "mail.lmtp: No such file or directoryconnect")" 


And I am not sure, what is smtpd looking for or missing exactly? It 
likey has to do with me using non standard paths, but that again may be 
helpful for understanding.



action "deliver" lmtp "/run/cyrus/socket/lmtp" rcpt-to virtual <vusers> 
user lmtpd

match from any for domain "example.com" action deliver

with vusers reading:
@ lmtpd


Here is a more complete log:


2c4cbc6c10aebcab smtp connected address=1.2.3.4 host=friendly.nospam.net

expand: 0x56169b994348: expand_insert() called for 
address:[email protected][parent=(nil), rule=(nil)]

expand: 0x56169b994348: inserted node 0x56169b996040
expand: lka_expand: address: [email protected] [depth=0]
lookup: match "1.2.3.4" as NETADDR in table static:<anyhost> -> true
lookup: match "example.com" as DOMAIN in table static:<dynamic:0> -> true
rule #1 matched: match from any for domain <dynamic:0> action deliver
lookup: lookup "[email protected]" as ALIAS in table static:vusers -> none
lookup: lookup "mary" as ALIAS in table static:vusers -> none
lookup: lookup "@example.com" as ALIAS in table static:vusers -> none
lookup: lookup "@" as ALIAS in table static:vusers -> "lmtpd"

expand: 0x56169b993b40: expand_insert() called for 
username:lmtpd[parent=(nil), rule=(nil)]

expand: 0x56169b993b40: inserted node 0x56169b9965a0

expand: 0x56169b994348: expand_insert() called for 
username:lmtpd[parent=0x56169b996040, rule=0x56169b9a3e80, 
dispatcher=0x56169b9a5780]

expand: 0x56169b994348: inserted node 0x56169b996b00
expand: 0x56169b993b40: clearing expand tree
expand: 0x56169b993b40: freeing expand tree
debug: aliases_virtual_get: '@example.com' resolved to 1 nodes
expand: lka_expand: username: lmtpd [depth=1, sameuser=0]
lookup: lookup "lmtpd@" as ALIAS in table static:vusers -> none
lookup: lookup "lmtpd" as ALIAS in table static:vusers -> none
lookup: lookup "@" as ALIAS in table static:vusers -> "lmtpd"

expand: 0x56169b98d140: expand_insert() called for 
username:lmtpd[parent=(nil), rule=(nil)]

expand: 0x56169b98d140: inserted node 0x56169b9965a0

expand: 0x56169b994348: expand_insert() called for 
username:lmtpd[parent=0x56169b996b00, rule=0x56169b9a3e80, 
dispatcher=0x56169b9a5780]

expand: 0x56169b994348: setting sameuser = 1
expand: 0x56169b994348: inserted node 0x56169b997060
expand: 0x56169b98d140: clearing expand tree
expand: 0x56169b98d140: freeing expand tree
debug: aliases_virtual_get: '@' resolved to 1 nodes
expand: lka_expand: username: lmtpd [depth=2, sameuser=1]

lookup: lookup "lmtpd" as USERINFO in table getpwnam:<getpwnam> -> 
"115:115:/opt/smptd/var/lmtpd"

expand: no .forward for user lmtpd, just deliver
expand: 0x56169b994348: clearing expand tree
smtp: 0x56047ce92b90: fd 14 from queue
smtp: 0x56047ce92b90: message fd 14
smtp: 0x56047ce92b90: message begin
debug: 0x56047ce92b90: end of message, error=0
2c4cbc6c10aebcab smtp message msgid=fd6b9892 size=247 nrcpt=1 proto=SMTP

2c4cbc6c10aebcab smtp envelope evpid=fd6b9892d5ac7196 
from=<[email protected]> to=<[email protected]>

debug: scheduler: evp:fd6b9892d5ac7196 scheduled (mda)
mda: new user 2c4cbc6d6d8e081f for "<getpwnam>:lmtpd" delivering as "lmtpd"
debug: lka: userinfo <getpwnam>:lmtpd

lookup: lookup "lmtpd" as USERINFO in table getpwnam:<getpwnam> -> 
"115:115:/opt/smptd/var/lmtpd"
debug: mda: new session 2c4cbc6e7f005bc1 for user "<getpwnam>:lmtpd" 
evpid fd6b9892d5ac7196

debug: mda: no more envelope for "<getpwnam>:lmtpd"

debug: mda: got message fd 14 for session 2c4cbc6e7f005bc1 evpid 
fd6b9892d5ac7196
debug: mda: querying mda fd for session 2c4cbc6e7f005bc1 evpid 
fd6b9892d5ac7196

debug: smtpd: forking mda for session 2c4cbc6e7f005bc1: lmtpd as lmtpd

debug: mda: got mda fd 15 for session 2c4cbc6e7f005bc1 evpid 
fd6b9892d5ac7196

debug: mda: end-of-file for session 2c4cbc6e7f005bc1 evpid fd6b9892d5ac7196

debug: mda: all data sent for session 2c4cbc6e7f005bc1 evpid 
fd6b9892d5ac7196
debug: smtpd: mda process done for session 2c4cbc6e7f005bc1: exited 
abnormally
2c4cbc6d6d8e081f mda delivery evpid=fd6b9892d5ac7196 
from=<[email protected]> to=<[email protected]> rcpt=<[email protected]> 
user=lmtpd delay=11s result=TempFail stat=Error (temporary failure: 
"mail.lmtp: No such file or directoryconnect")

debug: mda: session 2c4cbc6e7f005bc1 done
debug: mda: user "lmtpd" becomes runnable
debug: mda: all done for user "<getpwnam>:lmtpd"



Am 06.09.19 um 17:46 schrieb Ede Wolf:



Maybe run 'smtpd -dv -T expand -T lookup -T rules' and see how 
OpenSMTPD is translating the aliases and which rules it's matching etc.



This is a really helpful command. Maybe using that I can be a bit more 
precise in defining my confusion.


My simple setup, git pulled and build yesterday:


action "deliver" lmtp "/run/cyrus/socket/lmtp" rcpt-to user lmtpd
match from any for domain "example.com" rcpt-to <musers> action deliver



With "musers" only containing good ole [email protected] and "lmtpd" being 
a regular system user. Bob is not known to the system. And shall not.


Now, the man page reads:

user username

Specify the username for performing the delivery, to be looked up with 
getpwnam(3).


and:

userbase <table>
Use the mapping table for user lookups instead of the getpwnam(3) function.
->The userbase does not apply for the user option.<-

So my "user" attribute is lmtpd, a regular system user. But:

af0267593be5b0a1 smtp connected address=....

expand: 0x5598b9f68328: expand_insert() called for 
address:[email protected][parent=(nil), rule=(nil)]

expand: 0x5598b9f68328: inserted node 0x5598b9f6a020
expand: lka_expand: address: [email protected] [depth=0]
lookup: match "1.2.3.4" as NETADDR in table static:<anyhost> -> true
lookup: match "example.com" as DOMAIN in table static:<dynamic:0> -> true
lookup: match "[email protected]" as MAILADDR in table static:musers -> true

rule #1 matched: match from any for domain <dynamic:0> rcpt-to musers 
action deliver
expand: 0x5598b9f68328: expand_insert() called for 
username:bob[parent=0x5598b9f6a020, rule=0x5598b9f77e30, 
dispatcher=0x5598b9f79750]

expand: 0x5598b9f68328: inserted node 0x5598b9f6a580

expand: lka_expand: username: bob [depth=1, sameuser=0]
lookup: lookup "bob" as USERINFO in table getpwnam:<getpwnam> -> none
expand: lka_expand: user-part does not match system user
expand: 0x5598b9f68328: clearing expand tree

af0267593be5b0a1 smtp failed-command command="RCPT TO:<[email protected]>" 
result="550 Invalid recipient: <[email protected]>"



The problem is obviously: "lookup "bob" as USERINFO in table 
getpwnam:<getpwnam> -> none"





Now the local delivery should be done with the user lmtpd, why is user 
"bob" then looked up at all via USERINFO getpwman, instead of lmtpd, 
when userinfo shall not be used with the "user" attribute.



Wether "userbase" is invoked via getpwnam or a USERINFO table, should 
make no difference? It should not be used, when the "user" attribute is 
being used?



Automagically I should add, I have not defined the userbase parameter 
anywhere in my config.



Hopefully I've been able to narrow down my lack of comprehention. There 
is something in the manpage I get wrong.


Thanks

Ede


























					Reply via email to