> On 19 Aug 2022, at 17:34, Simon Harrison <i...@simonh.uk> wrote:
>
> On Fri, 19 Aug 2022 13:00:27 +0200
> Kamil Andrusz <w...@mniam.net> wrote:
>
>> Hello All,
>>
>> I’ve an old existing setup where I have existing system users. I
>> would like to add new domains and use virtual users (no need for them
>> to have system accounts). The system has only one IP available.
>>
>> I implemented the expected solution on Dovecot side simply by using
>> multiple passdb/userdb entries.
>>
>> However I can’t figure out how (or if it’s at all possible with a
>> single IP) to get SMTP AUTH working for both system and virtual users
>> with OpenSMTPD.
>>
>> Is that possible and if it is, any hints how to do it?
>>
>> Thank you in advance!
>>
>> With best regards,
>> Kamil Andrusz
>>
>
> According to the man page it is supported:
>
> https://man.openbsd.org/smtpd.conf
>
> listen on interface [family] [options]
> Listen on the interface for incoming connections, using the same
> syntax as ifconfig(8). The interface parameter may also be an interface
> group, an IP address, or a domain name. Listening can optionally be
> restricted to a specific address family, which can be either inet4 or
> inet6.
>
> The options are as follows:
>
> auth [<authtable>]
> Support SMTPAUTH: clients may only start SMTP transactions
> after successful authentication. Users are authenticated against
> either their own normal login credentials or a credentials table
> authtable, the format of which is described in table(5).
>
>
> From one of my conf's (using a credentials table):
>
> table secrets file:/etc/mail/secrets
>
> listen on eth0 port 465 smtps pki mydomain.com auth <secrets>
>
> match from auth for any action "relay"
>
> Good luck!
>

The problem is that both domains are assigned to the same IP.
In my lab setup I have the following entries in /etc/mail/smtpd.conf:

listen on openbsd.test port submission tls-require pki "openbsd.test" hostname "openbsd.test" auth
listen on example.com port submission tls-require pki "mail.example.com" hostname "mail.example.com" auth <credentials>

The end result is (/var/log/maillog):

Aug 19 19:10:50 openbsd smtpd[30326]: info: OpenSMTPD 7.0.0 starting
Aug 19 19:10:51 openbsd smtpd[10313]: dispatcher: smtpd: bind: Address already in use
Aug 19 19:10:51 openbsd smtpd[17852]: smtpd: process dispatcher socket closed

So using domain name does not work.

With best regards,
Kamil Andrusz
—
It’s just a matter of opinion.
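
Added example (not part of the thread, and not OpenSMTPD code): a small Python check that reads `listen on` lines and reports any address and port claimed by more than one listener, which is the condition behind the `bind: Address already in use` line in the log above. The 192.0.2.10 address, the host map and the function names are constructed for illustration.

```python
from collections import defaultdict

# Service names that appear in smtpd.conf listeners, with their standard ports.
SERVICES = {"smtp": 25, "smtps": 465, "submission": 587}

# The two listeners quoted in the thread.
SAMPLE_CONF = '''\
listen on openbsd.test port submission tls-require pki "openbsd.test" hostname "openbsd.test" auth
listen on example.com port submission tls-require pki "mail.example.com" hostname "mail.example.com" auth <credentials>
'''
# Constructed name-to-address map (documentation range): both names share one IP.
SAMPLE_HOSTS = {"openbsd.test": ["192.0.2.10"], "example.com": ["192.0.2.10"]}


def parse_listeners(conf_text):
    """Return (line number, interface, port) for every 'listen on' line."""
    listeners = []
    for lineno, line in enumerate(conf_text.splitlines(), 1):
        tokens = line.split("#", 1)[0].split()
        if tokens[:2] != ["listen", "on"] or len(tokens) < 3 or tokens[2] == "socket":
            continue  # not a network listener
        interface, opts = tokens[2], tokens[3:]
        port = 465 if "smtps" in opts else 25  # defaults per smtpd.conf(5)
        if "port" in opts[:-1]:
            value = opts[opts.index("port") + 1]
            port = SERVICES[value] if value in SERVICES else int(value)
        listeners.append((lineno, interface, port))
    return listeners


def find_conflicts(conf_text, hosts):
    """Map each (address, port) claimed by more than one listener to its lines."""
    claimed = defaultdict(list)
    for lineno, interface, port in parse_listeners(conf_text):
        # Names missing from the map are treated as literal addresses.
        for address in hosts.get(interface, [interface]):
            claimed[(address, port)].append(lineno)
    return {key: lines for key, lines in claimed.items() if len(lines) > 1}


if __name__ == "__main__":
    for (address, port), lines in find_conflicts(SAMPLE_CONF, SAMPLE_HOSTS).items():
        print(f"{address}:{port} is bound by listeners on lines {lines}")
```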