Hi,

Thanks for the insight into your configuration, using a shared sqlite database is an interesting way to accomplish this.

Unfortunately, the sqlite backend also appears to be in opensmtpd-extras, for which there is currently not a FreeBSD port. Whilst I'm sure if I gave it another look, I could install it straight from github, I may look at creating a port, as even in their "WIP" state (based on the folder structure of opensmtpd-extras), the passwd and sqlite backends certainly sound like useful additions, and it would be nice to make it simple for other users to install these.

June 16 2015 2:34 PM, "Martijn van Duren" <[email protected]> wrote:
> Hello Jonathan,
>
> I don't know about FreeBSD, but under OpenBSD the sqlite table backend
> is included.
> I use the following configuration in smtpd.conf:
>
> table authdb sqlite:/etc/mail/auth.conf
> accept from any for domain <authdb> virtual <authdb> userbase <authdb> deliver to maildir "%{user.directory}/Maildir/%{dest.domain}/%{dest.user:strip}"
>
> With /etc/mail/auth.conf:
> dbpath /etc/mail/storage.db
>
> query_alias SELECT recipient FROM alias WHERE user=?;
>
> query_domain SELECT SUBSTR(user, INSTR(user, '@')+1) FROM alias WHERE SUBSTR(user, INSTR(user, '@')+1)=? GROUP BY SUBSTR(user, INSTR(user, '@')+1);
>
> query_credentials SELECT email, password FROM users WHERE email=?;
>
> query_userinfo SELECT uid, gid, home AS directory FROM users WHERE REPLACE(email, '@', '_')=?;
>
> And the layout for /etc/mail/storage.db:
> CREATE TABLE users (
>     email VARCHAR(128) NOT NULL PRIMARY KEY,
>     password VARCHAR(64) NOT NULL DEFAULT '!',
>     uid INT NOT NULL,
>     gid INT NOT NULL,
>     home VARCHAR(256)
> );
> CREATE TABLE alias (
>     user VARCHAR(64) NOT NULL,
>     recipient VARCHAR(128) NOT NULL
> );
> CREATE INDEX alias_user ON alias(user);
>
> Make sure that every email-address is also in aliases, mapped to
> a recipient where the @ is replaced with a _, otherwise smtpd will keep
> looking for the user-part of the e-mail address.
>
> For dovecot I use the following directives:
> driver = sqlite
> connect = /etc/mail/storage.db
> password_query = SELECT email AS user, password, uid AS userdb_uid, gid AS userdb_gid, home AS userdb_home FROM users WHERE email = '%u';
>
> Hope this helps. For my small home-setup it works like a charm.
>
> On 06/16/15 14:14, [email protected] wrote:
>
>> Hello,
>>
>> I currently run a personal mailserver using postfix + dovecot (and a few
>> other things for anti-spam, dkim etc, but I'm not worried about that at
>> the moment).
>>
>> I am very interested in replacing postfix with OpenSMTPD, especially for
>> clarity of configuration.
>>
>> However, I am a little stuck as to how I can get OpenSMTPD and Dovecot
>> to use the same source for authentication.
>>
>> In my current setup, each of my virtual domains has a file called
>> /var/mail/vhosts/passwd-%DOMAIN% which is in the format of Dovecot's
>> passwd-file. I then use SASL to provide postfix with a way of
>> authenticating submissions.
>>
>> If you'd like to see how that actually works from a configuration
>> standpoint, see the following link:
>> http://slexy.org/view/s20baUvUI8
>>
>> As far as I can tell, OpenSMTPD does not support SASL, therefore
>> directly copying this approach will not work.
>>
>> I don't believe I can customise the format of the auth table for either
>> OpenSMTPD or Dovecot to make them compatible with each other, so I don't
>> think that's an option (although if I'm wrong on that point, please let
>> me know!).
>>
>> After spending some time researching I seem to have come across a couple
>> of references to a passwd table format for OpenSMTPD. It seems to be in
>> OpenSMTPD-extras, which is not currently a port on FreeBSD. I tried
>> compiling that particular table format based on instructions from
>> github, and making sure that I specified the correct directory for the
>> FreeBSD installation, but it still didn't appear to detect the format
>> when I started OpenSMTPD (giving the error: "fatal: table_create:
>> backend "passwd" does not exist").
>>
>> At this point I imagine I'm probably overcomplicating the situation, and
>> there is a simpler solution.
>>
>> Does anybody have a recommended way to do the following?:
>> - virtual users and domains, not tied to system accounts
>> - stored in maildir format (using my existing solution of
>> /var/mail/vhosts/%DOMAIN%/%USER% would be a bonus)
>> - single source for authentication (I don't mind that being a single
>> file, rather than my current system of 1 file per domain, so long as I
>> can have for instance jonathan@DOMAIN1 and jonathan@DOMAIN2 having
>> different passwords).
>>
>> Thanks for taking the time to read my question.
>>
>> --
>> Jonathan Price
>> www.jonathanprice.uk
>> Verify my identity at https://keybase.io/pricetx
