Hi,
I have a mail system where I have some local users with shell access and
full home dirs which receive mail and also several SQL virtual users
only for mail.
With the virtual users, everything works fine. Mail is delivered via
LMTP and also sieve works :)
The SQL lookup knows what to do with username@domain.com

The problem is the system user. If exim delivers the mail to the lmtp
socket, the LMTPd can't find username@local.host
I would be able to specify the global auth_username_format=%n but then
my SQL queries break and I like the possibility to have xx@domain1.com
and xx@domain2.com routed to two different accounts.

As I have seen in the source, I can't specify username_format=%n in the
passdb { driver = pam } backend. Do you have any suggestion how to
solve this issue?
thanks
Philipp
-------------- next part --------------
# 2.1.7: /etc/dovecot/dovecot.conf
# OS: Linux 3.2.0-4-686-pae i686 Debian 7.3
auth_debug = yes
auth_verbose = yes
first_valid_uid = 100
lda_mailbox_autocreate = yes
lda_mailbox_autosubscribe = yes
mail_debug = yes
mail_location = maildir:~/Maildir
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave
namespace inbox {
  inbox = yes
  location =
  mailbox Drafts {
    special_use = \Drafts
  }
  mailbox Junk {
    special_use = \Junk
  }
  mailbox Sent {
    special_use = \Sent
  }
  mailbox "Sent Messages" {
    special_use = \Sent
  }
  mailbox Trash {
    special_use = \Trash
  }
  prefix =
}
passdb {
  args = /etc/dovecot/dovecot-sql.conf.ext
  driver = sql
}
passdb {
  driver = pam
}
plugin {
  mail_log_fields = uid box msgid size from subject flags
  sieve = ~/.dovecot.sieve
  sieve_dir = ~/sieve
}
postmaster_address = postmaster@rudolfina.at
protocols = " imap lmtp sieve"
service auth {
  unix_listener auth-client {
    group = Debian-exim
    mode = 0660
  }
}
service managesieve-login {
  inet_listener sieve {
    port = 4190
  }
  process_min_avail = 0
  service_count = 1
  vsz_limit = 64 M
}
ssl_cert = </etc/exim4/exim.crt
ssl_key = </etc/exim4/exim.key
userdb {
  args = /etc/dovecot/dovecot-sql.conf.ext
  driver = sql
}
userdb {
  driver = passwd
}
protocol lmtp {
  mail_plugins = " quota sieve"
}
protocol lda {
  mail_plugins = " sieve"
}
protocol imap {
  mail_plugins = " quota"
}
protocol sieve {
  mail_max_userip_connections = 10
  managesieve_implementation_string = Dovecot Pigeonhole
  managesieve_logout_format = bytes=%i/%o
  managesieve_max_compile_errors = 5
  managesieve_max_line_length = 65536
}
-------------- next part --------------
user_query = \
  SELECT concat('maildir:/var/spool/virtual_mail/', mailbox,'/Maildir/') as mail, \
         concat('/var/spool/virtual_mail/', mailbox,'/') as home, \
         100 as uid, 102 as gid \
  FROM email \
  WHERE mailbox = '%u'
password_query = \
  SELECT mailbox as user, \
         boxpass as password \
  FROM email \
  WHERE mailbox = '%u'

Hi Philipp
You can use exim to prepare the address as you wish: only the user name
for pam users and the full address for virtual users.
Configure a new router to strip the domain part for pam users:

local_pam_users:
    debug_print = "R: strip domain for local pam users"
    driver = redirect
    check_local_user
    domains = @ : localhost : ${primary_hostname}
    data = ${local_part}
    redirect_router = local_user

I'm not 100% sure of the domains condition; it should restrict the
router to your domain(s) where your pam users receive their email. The
redirect_router designates the router which routes your local deliveries
to your lmtp transport. Place the new router to run just before your
"local_user" router.
Since your config works for your virtual users, you don't need to do
anything in addition.
Regards, Adrian.
On 25.12.13 08:16, Philipp Kolmann wrote:
> Hi,
>
> I have a mail system where I have some local users with shell access and
> full home dirs which receive mail and also several SQL virtual users
> only for mail.
> With the virtual users, everything works fine. Mail is delivered via
> LMTP and also sieve works :)
> The SQL lookup knows what to do with username@domain.com
>
> The problem is the system user. If exim delivers the mail to the lmtp
> socket, the LMTPd can't find username@local.host
> I would be able to specify the global auth_username_format=%n but then
> my SQL queries break and I like the possibility to have xx@domain1.com
> and xx@domain2.com routed to two different accounts.
>
> As I have seen in the source, I can't specify username_format=%n in the
> passdb { driver = pam } backend. Do you have any suggestion how to
> solve this issue?
>
> thanks
> Philipp
>
>
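
Added example, not part of the thread and not Exim or Dovecot code: a small Python model of the lookup chain discussed above, showing why the unmodified system-user address matches neither userdb and how stripping the domain only for local users on local domains fixes it while keeping xx@domain1.com and xx@domain2.com distinct. The domain list, user names and mailbox rows are constructed sample data; the function names are hypothetical.

```python
# Model of: Exim router (strip domain for local users) -> Dovecot userdb chain.
# All sample data is constructed for illustration.

LOCAL_DOMAINS = {"local.host", "localhost"}            # assumed local domains
SYSTEM_USERS = {"philipp", "root"}                     # stand-in for /etc/passwd
SQL_MAILBOXES = {"xx@domain1.com", "xx@domain2.com"}   # stand-in for the email table


def exim_rewrite(rcpt):
    """Mimic the suggested router: only when the domain is local AND the
    local part is a system user is the recipient reduced to the local part."""
    local, _, domain = rcpt.rpartition("@")
    if domain.lower() in LOCAL_DOMAINS and local in SYSTEM_USERS:
        return local
    return rcpt


def dovecot_userdb(username):
    """Mimic the posted config: userdb sql (WHERE mailbox = '%u') is tried
    first, then userdb passwd. Returns the backend that matched, or None."""
    if username in SQL_MAILBOXES:
        return "sql"
    if username in SYSTEM_USERS:
        return "passwd"
    return None


def deliver(rcpt, strip_local=True):
    """Return (name handed to LMTP, backend that resolved it)."""
    name = exim_rewrite(rcpt) if strip_local else rcpt
    return name, dovecot_userdb(name)


if __name__ == "__main__":
    for rcpt in ("philipp@local.host", "xx@domain1.com",
                 "xx@domain2.com", "philipp@domain1.com"):
        print(rcpt, "without router:", deliver(rcpt, strip_local=False),
              "with router:", deliver(rcpt))
```

The last sample address shows the effect of the domains condition: a system user's name at a virtual domain is left untouched, so it cannot fall through to the passwd account.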
Hello,
Personally, I think it is more simple and convenient to migrate system
users' mail to the virtual-user setup (i.e. two separate logins, e.g.
'user' for SSH and 'user@domain.com' for mail).

Here are the relevant portions of my postfix config:

mydestination = localhost
local_recipient_maps = $virtual_mailbox_maps $virtual_alias_maps
# your 'local' host/domain name
mydomain = domain.com
# your 'local' host/domain name
myhostname = domain.com
# to do LMTP-based verification of incoming mail
smtpd_recipient_restrictions = ....., reject_unverified_recipient, .....
unknown_local_recipient_reject_code = 550
unverified_recipient_reject_code = 550
virtual_alias_maps = hash:/usr/ext/mail/valias
virtual_mailbox_domains = hash:/usr/ext/mail/vdomains
virtual_transport = lmtp:unix:private/dovecot-lmtp

/usr/ext/mail/valias defines additional redirections like

postmaster@domain.com admin@domain.com
root@domain.com admin@domain.com

/usr/ext/mail/vdomains is an access-map file with records for supported
domains, like:

domain.com OK

Also adjust 'root' record in /etc/mail/aliases to point to qualified
admin's mail address (admin@domain.com)

Best wishes
Eugene
-----Original Message-----
From: Philipp Kolmann
Sent: Wednesday, December 25, 2013 11:16 AM
To: Dovecot Mailing List
Subject: [Dovecot] LMTP with virtual and system users
Hi,
I have a mail system where I have some local users with shell access and
full home dirs which receive mail and also several SQL virtual users
only for mail.
With the virtual users, everything works fine. Mail is delivered via
LMTP and also sieve works :)
The SQL lookup knows what to do with username@domain.com
The problem is the system user. If exim delivers the mail to the lmtp
socket, the LMTPd can't find username@local.host
I would be able to specify the global auth_username_format=%n but then
my SQL queries break and I like the possibility to have xx@domain1.com
and xx@domain2.com routed to two different accounts.
As I have seen in the source, I can't specify username_format=%n in the
passdb { driver = pam } backend. Do you have any suggestion how to
solve this issue?
thanks
Philipp