Try removing "rcpt-to <vusers_list>" from the 2nd match line and see
what happens.
I put it there because, in my setup, that is the only thing which
prevents accepting mail for a valid virtual domain but invalid name.
But your setup has a subsequent mapping lookup in the action line which
may (or may not) accomplish the same behavior.
I'm fairly confident that if you remove "rcpt-to <vusers_list>" smtpd
will correctly receive and deliver mail with a valid virtual domain AND
valid name (because the address is present in <vusers_map>). But I'm
unsure what will occur if the match line accepts the mail because the
domain is valid but then the mapping lookup in the action line fails
because the name is invalid and thus the address is not present in
<vusers_map>.
If you try it without "rcpt-to <vusers_list>" in the 2nd match line,
make sure you test for a virtual domain with both a valid name and an
invalid name. I'm curious to hear the results.
-Andy
On 11/23/2019 4:51 PM, Implausibility wrote:
> With some help from Andrew off-list, he provided a config that works for what
> I'm trying to do. It's attached below. Hopefully all you'd need to do to
> duplicate my success is search-and-replace example.com for your own primary
> (FQDN) mail server domain name (as long as it's called mail.youdomain.com).
>
> The secret is that there needs to be two tables -- one with a list of eMail
> addresses to accept, and one that maps the accepted eMail addresses to a
> local user mailbox.
>
> I'd prefer if this was more streamlined, so I didn't need to maintain two
> separate lists, but I'm sure I can script around it. Any refinements would
> be greatly appreciated. :D
>
> Thanks again Andrew!
>
> # **********************************
> # $OpenBSD: smtpd.conf,v 1.11 2018/06/04 21:10:58 jmc Exp $
>
> # This is the smtpd server system-wide configuration file.
> # See smtpd.conf(5) for more information.
>
> table aliases file:/etc/mail/aliases
> table domains db:/etc/mail/domains.db
> table vusers_list file:/etc/mail/vusers_list
> table vusers_map file:/etc/mail/vusers_map
>
> action "local_mail" maildir junk alias <aliases>
> action "vusers_deliver" maildir junk virtual <vusers_map>
> action "outbound" relay helo mail.example.com
>
> pki mail.example.com cert "/etc/ssl/mail.example.comfullchain.pem"
> pki mail.example.com key "/etc/ssl/private/mail.example.com.key"
>
> filter check_dyndns phase connect match rdns regex {
> '.*\.dyn\..*','.*\.dsl\..*' } \
> disconnect "550 you look like a spammer"
>
> filter check_rdns phase connect match !rdns \
> disconnect "550 you look like a spammer"
>
> filter check_fcrdns phase connect match !fcrdns \
> disconnect "550 you look like a spammer"
>
> filter senderscore \
> proc-exec "filter-senderscore -blockBelow 10 -junkBelow 70 -slowFactor
> 5000"
>
> filter rspamd proc-exec "filter-rspamd"
>
> listen on all tls pki mail.example.com \
> filter { check_dyndns, check_rdns, check_fcrdns, senderscore, rspamd }
>
> listen on all port submission tls-require pki mail.example.com auth filter
> rspamd
>
> match from any for domain "mail.example.com" action "local_mail"
> match from any for domain <domains> rcpt-to <vusers_list> action
> "vusers_deliver"
> match for local action "local_mail"
>
> match from any auth for any action "outbound"
> match for any action "outbound"
>
>
>
>
>
