[following-up to myself...]
Tim Legant <[EMAIL PROTECTED]> writes:
> "Robert P. Thille" <[EMAIL PROTECTED]> writes:
>
>> Since the qmail virtualdomains file can list different
>> [EMAIL PROTECTED] entries which route to different addresses, when
>> checking the virtualdomains file for a 'match' for the original
>> envelope domain you need to check that the 'prepend' coupled with
>> the user part of the virtualdomain matches the 'ousername'.
>>
>> From virtualdomains: (edited to protect the guilty :-)
>> -------------------------------
>> # John Smith's stuff:
>> [EMAIL PROTECTED]:jsmith
>> [EMAIL PROTECTED]:jsmith
>>
>> # user 'rthille' owns these domains, except the above
>> # specified users.
>> example.org:rthille-example
>> .example.org:rthille-example
>> nospam.example.org:rthille-spam
>> -------------------------------
[...]
> qmail-send only looks for exact matches when it searches for virtual
> users. This means that no confirmation replies can get back to the
> correct user in situations like the above example (they will go to the
> user controlling the entire domain) and also that users like the
> 'jsmith' user cannot use any tagged addresses.
[...]
> I'm not sure what we should do about this, because, with or without
> the patch, it's not going to work. Any thoughts are welcome.
The correct way to handle these sorts of situations with qmail is to
use the qmail-users mechanism. For the example above, assuming
jsmith's UID/GID are both 1001 and rthille's UID/GID are 1002:
/var/qmail/control/virtualdomains:
----------------------------------
example.org:example
.example.org:example
nospam.example.org:examplespam
/var/qmail/users/assign:
------------------------
# John Smith's stuff
+example-jsmith:jsmith:1001:1001:/home/jsmith:::
+example-jpsmith:jsmith:1001:1001:/home/jsmith:::
# Robert Thille's stuff
+example:rthille:1002:1002:/home/rthille:-:example:
+examplenospam:rthile:1002:1002:/home/rthille:-:spam:
What this means for John Smith is
1) Any mail to [EMAIL PROTECTED] (where EXT can be nothing) will
be delivered to user 'jsmith' using the instructions in the
dot-qmail file /home/jsmith/.qmailEXT. If EXT is nothing, then the
delivery uses ~jsmith/.qmail. If EXT is -<anything>, then the mail
is delivered using ~jsmith/.qmail-<anything> and the usual
dot-qmail rules apply; i.e., if there EXT is '-spam', qmail looks
for .qmail-spam and then .qmail-default before bouncing the
message.
2) Any mail to [EMAIL PROTECTED] follows the exact same rules
above, delivering to user 'jsmith'.
For Robert Thille, it means
1) Any mail in the *.example.org domain (except nospam.example.org)
that isn't handled by a more specific rule in users/assign
('example-jsmith' is more specific than 'example-') will be handled
by ~rthille/.qmail-example-EXT. So mail to [EMAIL PROTECTED] will
be handled by .qmail-example-info or .qmail-example-default.
Any mail in the nospam.example.org domain will be handled by
~rthille/.qmail-spam-EXT, again following the normal dot-qmail
rules.
In both of the example.org cases, no mail will ever go to the base
.qmail files (.qmail-example and .qmail-spam). It will only go to
the -default files or to a more specific .qmail file (like -info in
the example above).
In all these cases the extension addresses are handled correctly,
meaning that TMDA will work properly. Virtual users in the
virtualdomains file can never work correctly because qmail doesn't
handle extension addresses for virtual users.
Conclusion: TMDA can ignore virtual users when parsing virtualdomains
because the correct (and only) way to make them work is through the
qmail-users feature, which is transparent to TMDA.
Tim
_________________________________________________
tmda-workers mailing list ([EMAIL PROTECTED])
http://tmda.net/lists/listinfo/tmda-workers
