Re:

2020-11-17 Thread Olivier Burelli

Hi,

you read an article from thuban. Original link is there : 
https://ybad.name/ah/fr/05-mail/ i suggest you to read the full article 
with virtual users.


I suggest also to read the article from the creator of opensmtpd :

https://poolp.org/posts/2019-12-23/mettre-en-place-un-serveur-de-mail-avec-opensmtpd-dovecot-et-rspamd/ 
(french)
https://poolp.org/posts/2019-09-14/setting-up-a-mail-server-with-opensmtpd-dovecot-and-rspamd/ 
(english)



From my understanding you need just to manage your system account as a 
simple Maildir Mailbox on a system user or a virtual user.


In this way : edit /etc/mail/aliases and to route all account like root, 
postmaster, www --> to the user system


example :

(...)
# Well-known aliases -- these should be filled in!
root:   
# manager:
# dumper:
:  
(...)

All system account will be routed to root... and root will be routed to 
 ... Mail to original target will not be deleted, simply 
routed.


Oliv.


On 11/17/2020 5:29 PM, Matthieu C wrote:

Hi,

I am new to mail servers, and I ran into a nice tutorial from a French 
NGO. However, I'd like to tweak a bit my configuration, and I cannot 
find a proper way to achieve my goal: I want to discard mails whose 
recipient is the address my_system_u...@my-domain.net 
 (and r...@my-domain.net 
 and so on), while accepting mails to be 
routed to my_system_user, through a list of aliases or virtual users. 
In fact, I want all the mails to go through this system user, and to 
be read by a unique dovecot account (hence, I'd say the simplest way 
to do is to have an unique Maildir?).


I created a thread on Stack Overflow for that matter: 
https://stackoverflow.com/questions/64715521/prevent-mailing-to-my-username-in-opensmtp-config 
 
; its content is below:


I just set up my own mail server at home with OpenSMTP and Dovecot
(I used this tutorial


from Framasoft). I don't like the idea that people can mail to
/my_system_u...@my-domain.net
/ or /r...@my-domain.net
/ (or any other system user), although
I'll use this only /my_system_user/ account to receive my mails.

That's why I added |root: /dev/null| and
|my_system_u...@my-domain.net
: /dev/null| to my
|/home/my_system_user/.myaliases| file (+ |makemap -t aliases
~/.myaliases|). But I still receive the mails for
/my_system_u...@my-domain.net
/. Maybe I shouldn't go
through the hassle of preventing this?

|table aliases file:/etc/aliases table own_aliases
file:/home/my_system_user/.myaliases pki mail.my-domain.net
 key
"/etc/letsencrypt/live/mail.my-domain.net/privkey.pem
" pki mail.my-domain.net
 certificate
"/etc/letsencrypt/live/mail.my-domain.net/cert.pem
" # Deliver listen on lo
listen on lo port 10029 tag DKIM listen on lo port 10036 tag
ANTISPAM listen on eth0 port 25 hostname mail.my-domain.net
 tls pki mail.my-domain.net
 listen on eth0 port 587 hostname
mail.my-domain.net  tls-require pki
mail.my-domain.net  auth accept tagged
ANTISPAM for any alias  deliver to maildir
"~/Maildir" accept from local for local alias  deliver to
maildir "~/Maildir" #accept from any for domain "my-domain.net
" alias  deliver to maildir
"~/Maildir" # antispam accept from any for domain "my-domain.net
" relay via smtp://127.0.0.1:10035
 # Relay # dkim tagged can be sent accept
tagged DKIM for any relay hostname mail.my-domain.net
 # if not dkim tagged, send it to
dkimproxy accept from local for any relay via
smtp://127.0.0.1:10028  hostname
mail.my-domain.net  |

In my search, I found out that virtual users could be a solution
(source)

,
but it seems overkill to me (setting up a new /vmail/ user, new
password table, new services...): I have only one repicient
account with multiple (~10) aliases.


Any help is appreciated!
Best regards,

choumat


Re: your mail

2020-11-17 Thread Chris Bennett
On Tue, Nov 17, 2020 at 05:29:36PM +0100, Matthieu C wrote:
>  Hi,
> 
> I am new to mail servers, and I ran into a nice tutorial from a French NGO.
> However, I'd like to tweak a bit my configuration, and I cannot find a
> proper way to achieve my goal: I want to discard mails whose recipient is
> the address my_system_u...@my-domain.net (and r...@my-domain.net and so
> on), while accepting mails to be routed to my_system_user, through a list
> of aliases or virtual users. In fact, I want all the mails to go through
> this system user, and to be read by a unique dovecot account (hence, I'd
> say the simplest way to do is to have an unique Maildir?).

You don't have to use virtual users, but if you want separate Maildir's,
then virtual users through dovecot works nice.
I use usernames as chris@bennettconstruction instead of just chris.
But this is mostly a matter of preference. I have multiple domains, so
that is pretty necessary for me to avoid confusion. Dovecot explains
this moderately well and has a mailing list that's active.

> 
> I created a thread on Stack Overflow for that matter:
> https://stackoverflow.com/questions/64715521/prevent-mailing-to-my-username-in-opensmtp-config
> ; its content is below:
> 
> > I just set up my own mail server at home with OpenSMTP and Dovecot (I used 
> > this
> > tutorial
> > 
> > from Framasoft). I don't like the idea that people can mail to 
> > *my_system_u...@my-domain.net
> > * or *r...@my-domain.net
> > * (or any other system user), although I'll use this
> > only *my_system_user* account to receive my mails.
> >
> > That's why I added root: /dev/null and my_system_u...@my-domain.net:
> > /dev/null to my /home/my_system_user/.myaliases file (+ makemap -t
> > aliases ~/.myaliases). But I still receive the mails for 
> > *my_system_u...@my-domain.net
> > *. Maybe I shouldn't go through the hassle
> > of preventing this?

Probably not easily, but my-domain.net is the server's domain. That's
tacked on by default. Someone probably has a fix for this.


> >
> > table aliases file:/etc/aliases
> > table own_aliases file:/home/my_system_user/.myaliases
> >
> > pki mail.my-domain.net key 
> > "/etc/letsencrypt/live/mail.my-domain.net/privkey.pem"
> > pki mail.my-domain.net certificate 
> > "/etc/letsencrypt/live/mail.my-domain.net/cert.pem"
> >
> > # Deliver
> > listen on lo
> > listen on lo port 10029 tag DKIM
> > listen on lo port 10036 tag ANTISPAM
> > listen on eth0 port 25  hostname mail.my-domain.net tls pki 
> > mail.my-domain.net
> > listen on eth0 port 587 hostname mail.my-domain.net tls-require pki 
> > mail.my-domain.net auth
> >
> > accept tagged ANTISPAM for any alias  deliver to maildir 
> > "~/Maildir"
> > accept from local for local alias  deliver to maildir "~/Maildir"
> > #accept from any for domain "my-domain.net" alias  deliver to 
> > maildir "~/Maildir"
> >
> > # antispam
> > accept from any for domain "my-domain.net" relay via smtp://127.0.0.1:10035
> >
> > # Relay
> > # dkim tagged can be sent
> > accept tagged DKIM for any relay hostname mail.my-domain.net
> > # if not dkim tagged, send it to dkimproxy
> > accept from local for any relay via smtp://127.0.0.1:10028 hostname 
> > mail.my-domain.net
> >
> > In my search, I found out that virtual users could be a solution (source)
> > ,
> > but it seems overkill to me (setting up a new *vmail* user, new password
> > table, new services...): I have only one repicient account with multiple
> > (~10) aliases.

I use neomutt. It's a bit confusing, but it's very easy to setup account
and folder hooks to let you put all 10 aliases into one .neomuttrc
I have 5 in one .neomuttrc.
Other email clients should be able to do the same.
neomutt-users mailing list is also active and helpful.

I thought using vmail was weird myself at first, but it works like a
charm. I use /home/vmail, others /var/vmail. It doesn't really matter
where as long as you set HOME for it right.

I actually decided to use postgresql with dovecot for passwords and
users, etc. BSD auth is scheduled to be removed at some point in the
future, so consider not using it for dovecot or you *might* have to
change it later.

Good luck,
Chris Bennett


> Any help is appreciated!
> Best regards,
> 
> choumat



[no subject]

2020-11-17 Thread Matthieu C
 Hi,

I am new to mail servers, and I ran into a nice tutorial from a French NGO.
However, I'd like to tweak a bit my configuration, and I cannot find a
proper way to achieve my goal: I want to discard mails whose recipient is
the address my_system_u...@my-domain.net (and r...@my-domain.net and so
on), while accepting mails to be routed to my_system_user, through a list
of aliases or virtual users. In fact, I want all the mails to go through
this system user, and to be read by a unique dovecot account (hence, I'd
say the simplest way to do is to have an unique Maildir?).

I created a thread on Stack Overflow for that matter:
https://stackoverflow.com/questions/64715521/prevent-mailing-to-my-username-in-opensmtp-config
; its content is below:

> I just set up my own mail server at home with OpenSMTP and Dovecot (I used 
> this
> tutorial
> 
> from Framasoft). I don't like the idea that people can mail to 
> *my_system_u...@my-domain.net
> * or *r...@my-domain.net
> * (or any other system user), although I'll use this
> only *my_system_user* account to receive my mails.
>
> That's why I added root: /dev/null and my_system_u...@my-domain.net:
> /dev/null to my /home/my_system_user/.myaliases file (+ makemap -t
> aliases ~/.myaliases). But I still receive the mails for 
> *my_system_u...@my-domain.net
> *. Maybe I shouldn't go through the hassle
> of preventing this?
>
> table aliases file:/etc/aliases
> table own_aliases file:/home/my_system_user/.myaliases
>
> pki mail.my-domain.net key 
> "/etc/letsencrypt/live/mail.my-domain.net/privkey.pem"
> pki mail.my-domain.net certificate 
> "/etc/letsencrypt/live/mail.my-domain.net/cert.pem"
>
> # Deliver
> listen on lo
> listen on lo port 10029 tag DKIM
> listen on lo port 10036 tag ANTISPAM
> listen on eth0 port 25  hostname mail.my-domain.net tls pki mail.my-domain.net
> listen on eth0 port 587 hostname mail.my-domain.net tls-require pki 
> mail.my-domain.net auth
>
> accept tagged ANTISPAM for any alias  deliver to maildir 
> "~/Maildir"
> accept from local for local alias  deliver to maildir "~/Maildir"
> #accept from any for domain "my-domain.net" alias  deliver to 
> maildir "~/Maildir"
>
> # antispam
> accept from any for domain "my-domain.net" relay via smtp://127.0.0.1:10035
>
> # Relay
> # dkim tagged can be sent
> accept tagged DKIM for any relay hostname mail.my-domain.net
> # if not dkim tagged, send it to dkimproxy
> accept from local for any relay via smtp://127.0.0.1:10028 hostname 
> mail.my-domain.net
>
> In my search, I found out that virtual users could be a solution (source)
> ,
> but it seems overkill to me (setting up a new *vmail* user, new password
> table, new services...): I have only one repicient account with multiple
> (~10) aliases.
>

Any help is appreciated!
Best regards,

choumat