January 15, 2020 6:03 PM, "Éloi Rivard" <eloi.riv...@aquilenet.fr> wrote:

> Hi,
> 
> I would like to put an OpenSMTPD server in front of a sourcehut lists
> installation [1] (that is, a mailing list system for sourcehut).
> OpenSMTPD and sourcehut communicate through an lmtp unix socket. Here is
> my configuration (without the filter and pki parts):
> 
> listen on eth0 tls pki lists.forge.mydomain.tld
> action sourcehut lmtp /tmp/lists.forge.mydomain-tld-lmtp.sock
> 
> match from any for domain "lists.forge.yaal.fr" action "sourcehut"
> 
> Now with this configuration I only get "550 Invalid recipient" errors,
> which is expected because OpenSMTPD has no way to know what is a valid
> sourcehut list recipient.
> 
> How can I make OpenSMTPD just skip the recipient verification, and just
> forward everything to the lmtp socket?
> 

There are two ways:

1- synchronize the list of recipients in a recipient table in smtpd, that
   may be less convenient because you need to have the list of recipients
   on the SMTP side AND the lmtp side, but... that's the clean way.

2- you can have a virtual mapping with a catch-all so that all recipients
   are accepted and passed to the LMTP socket, this works but is not very
   clean because it will backscatter if LMTP rejects the recipient.


> I read about userbase catchall, but my understanding is that userbases
> map recipients to a system user, and that seems irrelevant for me as
> no system user is involved here.
> 

The userbase feature is to provide an alternate mechanism to resolve the
usernames to uid, gid and home directory. I don't think it's useful here
but your comment has hinted at the issue:

It is inaccurate that no system user is involved here; all recipients do
resolve into a username because some user has to do the LMTP session. In
virtual setups, like yours seems to be, the proper way is to create some
dedicated user and map all recipients to that:

    action sourcehut lmtp "/tmp/lists.forge.mydomain-tld-lmtp.sock" \
        virtual { "@" = _sourcehut }

In cases where you have a full list of recipients and do not need to get
virtual mappings involved, you can do:

    action sourcehut lmtp "/tmp/lists.forge.mydomain-tld-lmtp.sock" \
        user _sourcehut

But no matter what, any action in smtpd.conf is a command that is going
to get executed and a process has to have an owner, so there is going to
be a system user involved.
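
The two approaches from the reply side by side, as an added smtpd.conf fragment that is not part of the original message. The table name `listrcpts`, the file path `/etc/mail/list-rcpts` and the idea of regenerating that file from sourcehut are assumptions; the socket path, domain and `_sourcehut` user are the ones used in the thread, and the `listen`, `pki` and filter lines are left out as in the original configuration.

```conf
# Added example, not from the thread. Enable only one of the two options.

# --- Option 1: recipient table (no backscatter) ---------------------------
# /etc/mail/list-rcpts is an assumed file holding one valid list address per
# line, regenerated whenever a list is created or removed on the sourcehut
# side. A recipient that is not in the table matches no rule and is refused
# during the SMTP session, so the sending server handles the failure and
# this host never has to generate a bounce.
table listrcpts file:/etc/mail/list-rcpts

# Every accepted recipient is in the table, so no virtual mapping is needed;
# "user" only names the account that owns the LMTP delivery process.
action "sourcehut" lmtp "/tmp/lists.forge.mydomain-tld-lmtp.sock" \
    user _sourcehut

match from any for rcpt-to <listrcpts> action "sourcehut"

# --- Option 2: catch-all virtual mapping (can backscatter) ----------------
# Every address in the domain is accepted at SMTP time and mapped to
# _sourcehut. If the LMTP side then rejects the recipient, smtpd has already
# taken responsibility for the message and sends a bounce to the envelope
# sender, which may be forged.
#
# action "sourcehut" lmtp "/tmp/lists.forge.mydomain-tld-lmtp.sock" \
#     virtual { "@" = _sourcehut }
#
# match from any for domain "lists.forge.yaal.fr" action "sourcehut"
```

After editing the recipient file, `smtpctl update table listrcpts` reloads it without restarting the daemon.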
