On Fri, Aug 30, 2019 at 05:00:24PM +0200, Ede Wolf wrote:
> Hello,
>

Semi complete example at the bottom. I'll leave it to you to reverse
translate to the old syntax. I didn't notice till after I was done and am
too lazy to change it. :)

Also noticed while re-reading smtpd.conf(5) there is a `user' keyword that
can be used in an action:

     user username
             Specify the username for performing the delivery, to be
             looked up with getpwnam(3). This is used for virtual hosting
             where a single username is in charge of handling delivery for
             all virtual users. This option is not usable with the mbox
             delivery method.

Not sure if it's available in whichever version you are using, but may make
things easier enough to warrant an upgrade.

> While trying to learn opensmtpd, amongst other things I am struggling with
> the virtual user handling - for a non virtual domain setup.
>
> From what I have been able to understand so far it seems, as if there is no
> way to deliver mails to a lmtp socket, if there is not at least some
> reference/mapping to a system user?
>
> accept from any for domain "example.com" recipient <vusers> alias <aliases>
> deliver to lmtp "/run/cyrus/lmtp" rcpt-to as nobody
>
> where vusers contains:

vusers would need to be `key => value' pairs

> b...@example.com

This is a list. More suitable for a vdomains table.

>
> However, despite being listed in vusers, when trying to send a mail to bob,
> it gets rejected with "550 Invalid recipient". Creating a systemuser "bob"
> makes it work. But then I do not need the vusers table, so I am wondering,
> is it possible to get along without the need for a system user?
> Now the man page mentions a userbase parameter, and I assume, the according
> table has to be in the format of the userinfo table mentioned in tables(5)?
> What then effectively again refers to a system user - just with a mapping in
> between.
>
> My attempts with a single userlist instead so far either resulted in a
> 'invalid use of table "susers" as USERBASE parameter' or simply a syntax
> error.
>
> Is that assumption correct? Is there no way of keeping virtual users
> completely off the system or did I get something terribly wrong? Even when
> not using mbox/Maildir at all, where this requirement could make sense?
>

They are off the system, but some real user has to own the mailbox, etc...

> And since user filtering will eventually be done at an earlier stage, I
> would like smtpd to be able to unconditionally forward any mail unaltered
> (except aliases) to the lmtp socket.
>
> So, in addition to bob@example as for the tests com I would like to be able
> to use *@example.com or just example.com to not do any user checking at all.
> Depending on the syntax requirements.
>
> Is it possible to deactivate the user checking one way or the other?

you could use a catchall

/etc/mail/vusers
@ catchall

>
> Thanks for any insight or heads up on what I may have missed or
> misunderstood.
>
>
> Ede
>

groupadd -g 5000 vmail
useradd -g vmail -u 5000 vmail -d /var/vmail -m
chown -R vmail.vmail /var/vmail

/etc/mail/userinfo
bob 5000:5000:/var/vmail/bob

/etc/mail/vusers
b...@example.com bob

/etc/mail/smtpd.conf snippet
action "a01" lmtp "/var/cyrus/lmtp" rcpt-to userbase <userinfo> virtual <vusers>
# may need to finesse the above. I'm not using cyrus or userbase table, so not 100 percent
# sure if it will work as is.
match from all for domain <domains> action "a01"

it sorta works...

deathstar$ telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 deathstar.my.domain ESMTP OpenSMTPD
ehlo p.com
250-deathstar.my.domain Hello p.com [127.0.0.1], pleased to meet you
250-8BITMIME
250-ENHANCEDSTATUSCODES
250-SIZE 36700160
250-DSN
250 HELP
mail from:<me>
250 2.0.0 Ok
rcpt to:<bob>
250 2.1.5 Destination address valid: Recipient ok
data
354 Enter mail, end with "." on a line by itself
to: u
from: me
hi bob.
.
250 2.0.0 0a7d910f Message accepted for delivery

a19e5552f2afe6dc smtp connected address=127.0.0.1 host=localhost
debug: aliases_virtual_get: 'bob' resolved to 1 nodes
debug: aliases_virtual_get: 'bob' resolved to 1 nodes
warn: smtpd: parent_forward_open: /var/mail/bob: No such file or directory
smtp: 0x1903053fd000: fd 13 from queue
smtp: 0x1903053fd000: message fd 13
smtp: 0x1903053fd000: message begin
debug: 0x19034b71f000: adding Date
debug: 0x19034b71f000: adding Message-ID
debug: 0x1903053fd000: end of message, error=0
a19e5552f2afe6dc smtp message msgid=0a7d910f size=335 nrcpt=1 proto=ESMTP
a19e5552f2afe6dc smtp envelope evpid=0a7d910fa2469b23 from=<m...@deathstar.my.domain> to=<b...@deathstar.my.domain>
debug: scheduler: evp:0a7d910fa2469b23 scheduled (mda)
mda: new user a19e5554bded3360 for "userinfo:bob" delivering as "root"
debug: lka: userinfo userinfo:bob
debug: mda: new session a19e555520bf2fa5 for user "userinfo:bob" evpid 0a7d910fa2469b23
debug: mda: no more envelope for "userinfo:bob"
debug: mda: got message fd 13 for session a19e555520bf2fa5 evpid 0a7d910fa2469b23
debug: mda: querying mda fd for session a19e555520bf2fa5 evpid 0a7d910fa2469b23
debug: smtpd: forking mda for session a19e555520bf2fa5: bob as root
debug: mda: got mda fd 14 for session a19e555520bf2fa5 evpid 0a7d910fa2469b23
debug: mda: end-of-file for session a19e555520bf2fa5 evpid 0a7d910fa2469b23
debug: mda: all data sent for session a19e555520bf2fa5 evpid 0a7d910fa2469b23
debug: smtpd: mda process done for session a19e555520bf2fa5: exited abnormally
a19e5554bded3360 mda delivery evpid=0a7d910fa2469b23 from=<m...@deathstar.my.domain> to=<b...@deathstar.my.domain> rcpt=<b...@deathstar.my.domain> user=bob delay=16s result=PermFail stat=Error ("mail.local: unknown name: bob")
debug: mda: session a19e555520bf2fa5 done
debug: mda: user "bob" becomes runnable
debug: mda: all done for user "userinfo:bob"

So probably don't want to use mail.local to deliver the message or make sure
/var/mail/bob exists in this particular example.
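
Added example, not part of the original message and not OpenSMTPD's own code: a simplified Python model of the virtual <vusers> to userbase <userinfo> resolution discussed in this thread, with an audit for mappings that have no userinfo entry or that would deliver as uid 0. The lookup order and the sample table contents are assumptions made for the illustration.

```python
# Added example; table contents are constructed samples, not a real system.
VUSERS = """\
alice@example.com  alice
@                  catchall
"""
USERINFO = """\
alice     5000:5000:/var/vmail/alice
catchall  0:0:/var/vmail/catchall
"""

def parse_table(text):
    """Parse 'key value' lines; a bare list entry (no value) is rejected."""
    table = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        if len(parts) != 2:
            raise ValueError(f"{line!r}: list entry, need 'key value'")
        table[parts[0].lower()] = parts[1]
    return table

def resolve(rcpt, vusers, userinfo):
    """Return (user, uid, gid, home), or None for an unknown recipient."""
    local, _, domain = rcpt.lower().partition("@")
    # Assumed lookup order: full address, local part, @domain, global "@".
    for key in (f"{local}@{domain}", local, f"@{domain}", "@"):
        if key in vusers:
            user = vusers[key]
            break
    else:
        return None  # no mapping and no catchall: recipient is refused
    if user not in userinfo:
        raise LookupError(f"{key!r} maps to {user!r}, missing from userinfo")
    uid, gid, home = userinfo[user].split(":", 2)
    return user, int(uid), int(gid), home

def audit(vusers, userinfo):
    """List mappings that are dangling or would deliver as uid 0."""
    findings = []
    for key, user in sorted(vusers.items()):
        if user not in userinfo:
            findings.append(f"{key}: no userinfo entry for {user}")
        elif userinfo[user].split(":")[0] == "0":
            findings.append(f"{key}: {user} delivers as uid 0")
    return findings
```

Running audit() over the two table files before reloading smtpd catches a catchall or virtual user that would otherwise be handed to the delivery agent with root's uid.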