September 17, 2019 11:41 PM, "Edgar Pettijohn" <ed...@pettijohn-web.com> wrote:

> On Sep 17, 2019 9:05 AM, Gilles Chehade <gil...@poolp.org> wrote:
> 
>> Hello,
>> 
>> Is there anyone using table-passwd for _any_ other purposes than sharing
>> with Dovecot ?
>> 
>> I have built a fully virtual setup which shares credentials with Dovecot
>> and since I managed to do it _without_ table-passwd I'm wondering if the
>> table backend is really useful and if it was not created because soneone
>> had overlooked the first few lines of the Dovecot documentation stating:
>> 
>> "For a password database, it's enough to have only the user and password
>> fields."
>> 
> 
> Not actually using it, but for dovecot to use it as a userdb as well as a 
> passdb it needs the
> additional fields.
> 

ok so I'm misunderstanding the use-case, let me explain why I'm curious:

I wrote table-passwd because I was told that if you wanted to create a virtual 
setup,
backed by one single user, you needed to have a passwd(5)-format file for 
Dovecot and
share that with OpenSMTPD.

But then I did a fully virtual setup for myself and I didn't use table-passwd, 
so the
rationale behind it falls a bit apart for me, unless there's other use-cases.

On my setup, file /etc/mail/accounts is a simple two columns username/password 
table:

# head -1 /etc/mail/accounts.txt 
gil...@poolp.org:$2b$09$0ek9ozmo1u0mSsiRo/z2AumROLK.70T9A6bP3mFDqb38L0sC5RvT6
#


I have the following OpenSMTPD config (three relevant lines):

    table accounts "/etc/mail/accounts"
    
    listen on egress port submission [...] auth <accounts>
    
    action "deliver_local" maildir junk user _vusers


And I have the following Dovecot config:

# cat /etc/dovecot/conf.d/auth-mailbrix.conf.ext
passdb {
  driver = passwd-file
  args = scheme=CRYPT /etc/mail/accounts
}

userdb {
  driver = static
  args = uid=_vusers gid=_vusers home=/var/maildir/%d/%u
}

# grep auth-mailbrix.conf.ext
10-auth.conf:!include auth-mailbrix.conf.ext


This allows both OpenSMTPD and Dovecot to authenticate accounts that are not 
system
users, allows OpenSMTPD to drop mail to a maildir owned by system account in 
charge
of virtual accounts and allows Dovecot to properly serve these accounts.

Am I missing your use-cases here ?

Reply via email to