On Sep 6, 2019 10:46 AM, Ede Wolf <lis...@nebelschwaden.de> wrote:
>
>
> > Maybe run 'smtpd -dv -T expand -T lookup -T rules' and see how OpenSMTPD 
> > is translating the aliases and which rules it's matching etc.
>
> This is a really helpful command. Maybe using that I can be a bit more 
> precise in defining my confusion.
>
> My simple setup, git pulled and built yesterday:
>
>
> action "deliver" lmtp "/run/cyrus/socket/lmtp" rcpt-to user lmtpd
> match from any for domain "example.com" rcpt-to <musers> action deliver
>
>
> With "musers" only containing good ole b...@example.com and "lmtpd" being 
> a regular system user. Bob is not known to the system. And shall not.
>
> Now, the man page reads:
>
> user username
> Specify the username for performing the delivery, to be looked up with 
> getpwnam(3).
>
> and:
>
> userbase <table>
> Use the mapping table for user lookups instead of the getpwnam(3) function.
> ->The userbase does not apply for the user option.<-
>

Your copy is apparently different from mine.

Userinfo tables

User info tables are used in rule context to specify an alternate user base, 
mapping virtual users to local system users by UID, GID and home directory.

action name method userbase <table>

A userinfo table looks as follows:

joe     1000:100:/home/virtual/joe
jack    1000:100:/home/virtual/jack

In this example, both joe and jack are virtual users mapped to the local system 
user with UID 1000 and GID 100, but different home directories. These 
directories may contain a forward(5) file. This can be used in conjunction with 
an alias table that maps an email address or the domain part to the desired 
virtual username. For example:

j...@example.org joe
j...@example.com jack

It has to map to a system user.
If you want it to be lmtpd, just replace the 1000:100 above with lmtpd's uid:gid.

> So my "user" attribute is lmtpd, a regular system user. But:
>
> af0267593be5b0a1 smtp connected address=....
> expand: 0x5598b9f68328: expand_insert() called for 
> address:b...@example.com[parent=(nil), rule=(nil)]
> expand: 0x5598b9f68328: inserted node 0x5598b9f6a020
> expand: lka_expand: address: b...@example.com [depth=0]
> lookup: match "1.2.3.4" as NETADDR in table static:<anyhost> -> true
> lookup: match "example.com" as DOMAIN in table static:<dynamic:0> -> true
> lookup: match "b...@example.com" as MAILADDR in table static:musers -> true
> rule #1 matched: match from any for domain <dynamic:0> rcpt-to musers 
> action deliver
> expand: 0x5598b9f68328: expand_insert() called for 
> username:bob[parent=0x5598b9f6a020, rule=0x5598b9f77e30, 
> dispatcher=0x5598b9f79750]
> expand: 0x5598b9f68328: inserted node 0x5598b9f6a580
>
> expand: lka_expand: username: bob [depth=1, sameuser=0]
> lookup: lookup "bob" as USERINFO in table getpwnam:<getpwnam> -> none
> expand: lka_expand: user-part does not match system user
> expand: 0x5598b9f68328: clearing expand tree
> af0267593be5b0a1 smtp failed-command command="RCPT TO:<b...@example.com>" 
> result="550 Invalid recipient: <b...@example.com>"
>
> The problem is obviously: "lookup "bob" as USERINFO in table 
> getpwnam:<getpwnam> -> none"
>
>
>
> Now the local delivery should be done with the user lmtpd, why is user 
> "bob" then looked up at all via USERINFO getpwnam, instead of lmtpd, 
> when userinfo shall not be used with the "user" attribute.
>
> Whether "userbase" is invoked via getpwnam or a USERINFO table, should 
> make no difference? It should not be used, when the "user" attribute is 
> being used?
>
> Automagically I should add, I have not defined the userbase parameter 
> anywhere in my config.
>
> Hopefully I've been able to narrow down my lack of comprehension. There 
> is something in the manpage I get wrong.
>
> Thanks
>
> Ede
>
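
A small checker for the userinfo table format quoted in this thread (`name uid:gid:home`), added here as an illustration; it is not part of the original messages or of OpenSMTPD. The function names and sample entries are constructed, and treating `#` lines as comments is an assumption.

```python
"""Check an OpenSMTPD-style userinfo table (one 'name uid:gid:home' per line)."""
import re

# Entry layout as shown in the thread: "<virtual user> <uid>:<gid>:<home>"
ENTRY = re.compile(r"^(\S+)\s+(\d+):(\d+):(/\S*)$")


def parse_userinfo(text):
    """Return ({user: (uid, gid, home)}, [problem strings])."""
    users, problems = {}, []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):  # assumption: '#' starts a comment
            continue
        m = ENTRY.match(line)
        if m is None:  # also catches two entries run together on one line
            problems.append(f"line {lineno}: not 'user uid:gid:home': {line!r}")
            continue
        name, uid, gid, home = m[1], int(m[2]), int(m[3]), m[4]
        if name in users:
            problems.append(f"line {lineno}: duplicate virtual user {name!r}")
            continue
        if uid == 0 or gid == 0:  # flag for review: mapping to uid/gid 0
            problems.append(f"line {lineno}: {name!r} maps to uid/gid 0")
        users[name] = (uid, gid, home)
    return users, problems


def unmapped_recipients(recipients, users):
    """Local parts with no userinfo entry (assumes local part == username,
    as in the trace where b...@example.com expands to username 'bob')."""
    return sorted({r.split("@", 1)[0] for r in recipients} - set(users))


# Constructed sample; 1000:100 stands in for the delivery account's uid:gid.
SAMPLE = """\
# virtual user   uid:gid:home
joe     1000:100:/home/virtual/joe
jack    1000:100:/home/virtual/jack
mallory 0:0:/root
broken  1000:/home/virtual/broken
"""

if __name__ == "__main__":
    table, issues = parse_userinfo(SAMPLE)
    for issue in issues:
        print(issue)
    print("unmapped:", unmapped_recipients(["joe@example.org", "bob@example.com"], table))
```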
