Hi there,

On 24/09/2020 at 13:33, Unicorn wrote:
> Hello everyone,
>
> I apologize in advance if this seems like a trivial question, I am
> quite new to this and the amount of config files and options is a
> little overwhelming. :)
>
> I am currently running three mailservers that each serve one domain
> with real user accounts, which is quite a pain to manage. I would like
> to instead have one server be the MX for all of my domains, with
> virtual users and their maildirs in a structure like
> /home/vmail/domain/user/Maildir.
>
> In the process of writing my email I have written all my
> configurations to the best of my ability, but I would appreciate your
> feedback on any errors or suggestions for improvements, especially
> since I intend to eventually make this into a guide:
>
>
> ######## /etc/mail/smtpd.conf #######################################
> pki mx.maildomain.tld cert "/etc/ssl/mx.maildomain.tld.fullchain.pem"
> pki mx.maildomain.tld key "/etc/ssl/private/mx.maildomain.tld.key"
>
> # Junk filters, rspamd also for DKIM signing
> filter check_dyndns phase connect match rdns regex { '.*\.dyn\..*',
> '.*\.dsl\..*' } junk
> filter check_rdns phase connect match !rdns junk
> filter check_fcrdns phase connect match !fcrdns junk
> filter rspamd proc-exec "filter-rspamd"
>
> # Tables
> table aliases file:/etc/mail/custom_aliases
> table accounts file:/etc/mail/accounts
> table domains {firstdomain.tld, seconddomain.tld, maildomain.tld}
>
> # Listen for incoming mail and send through filters
> listen on all tls pki mail.regrow.earth filter { check_dyndns,
> check_rdns, check_fcrdns, rspamd }
>
> # Listen for, authenticate and DKIM-sign outgoing mail requests
> listen on all port submission tls-require pki mx.maildomain.tld auth
> <accounts> filter rspamd
>
> action "deliver_local" maildir
> /home/vmail/{%dest.domain}/{%dest.user}/Maildir junk alias <aliases>
> user vmail
> action "outbound" relay helo mx.maildomain.tld
>
> # Match incoming mail
> match from any for domain <domains> action "deliver_local"
> match for local action "deliver_local"
>
> # Match outgoing mail
> match from any auth for any action "outbound"
> match for any action "outbound"
> #####################################################################
>
>
> ######## /etc/dovecot/conf.d/10-auth.conf ###########################
> passdb {
>   driver = passwd-file
>   args = scheme=BLF-CRYPT /etc/mail/accounts
> }
> userdb {
>   driver = static
>   args = uid=vmail gid=vmail home=/home/vmail/%d/%u
> }
> #####################################################################
>
>
> ######## /etc/mail/accounts #########################################
> ad...@fistdomain.tld:passwordhashfromsmtpctl
> ad...@seconddomain.tld:passwordhashfromsmtpctl
> unic...@seconddomain.tld:passwordhashfromsmtpctl
> #####################################################################
>
> Is it possible to combine virtual users with an alias table as I have
> in action "deliver_local"?
>
> Example entry in alias table:
> cont...@firstdomain.tld: admin+cont...@firstdomain.tld
>
> Will this deliver to the folder "contact" of ad...@firstdomain.tld?
> In 'action "deliver_local"', is it correct to use {%dest.user} for
> this purpose?

You can use a virtual user table, but you will have to split your
"deliver_local" table. As Uwe suggested, I would use lmtp for that:

action "inbox" lmtp "/var/run/dovecot/lmtp" rcpt-to virtual <vusers>

In that case, vusers is defined here:

table vusers file:/etc/smtpd/vusers

And its content:

postmaster mainu...@maindomain.tld
abuse mainu...@maindomain.tld
root mainu...@maindomain.tld
contact mainu...@maindomain.tld
mainu...@maindomain.tld vmail
someotheru...@somedomain.tld vmail
someal...@somedomain.tld mainu...@maindomain.tld

And so on…

> Also, how does dkim signing with rspamd work for multiple domains?
> Right now my /etc/rspamd/local.d/dkim-signing.conf looks like this:
>
> ##############################################################
> allow_username_mismatch = true;
>
> domain {
>   firstdomain.tld {
>     path = "/etc/mail/dkim/firstdomain.tld.key";
>     selector = "blah";
>   }
> }
> ##############################################################
>
> Will it work automatically by simply entering eg. 'seconddomain.tld
> {...}' with its respective keyfile and selector?

Yes. And if you use sensible file names like me, you can even do this:

path = "/etc/mail/dkim/$domain.$selector.key";

Regards,
Archange
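
Added example, not part of the original message or of OpenSMTPD: a static check of a virtual user table like the vusers file above, flagging alias loops and targets the table never maps to a system user. The function names, the sample addresses, the comma-separated value format, and the lookup order (full address, local part, @domain) are assumptions of this simplified model.

```python
# Added example: static consistency check for a virtual user table.
# SAMPLE_VUSERS is constructed data (example.org/.net), not from the thread.
SAMPLE_VUSERS = """\
postmaster            alice@example.org
abuse                 alice@example.org
contact               alice@example.org
alice@example.org     vmail
bob@example.net       vmail
sales@example.net     bob@example.net, alice@example.org
loop-a@example.net    loop-b@example.net
loop-b@example.net    loop-a@example.net
ghost@example.net     nobody@elsewhere.invalid
"""

def parse_table(text):
    """Parse 'key value[, value...]' lines into {key: [values]}."""
    table = {}
    for raw in text.splitlines():
        parts = raw.split("#", 1)[0].split(None, 1)
        if len(parts) == 2:
            table[parts[0].lower()] = [v.strip().lower() for v in parts[1].split(",") if v.strip()]
    return table

def lookup(table, addr):
    """Assumed lookup order: full address, local part, @domain catch-all."""
    local, _, domain = addr.partition("@")
    return next((table[k] for k in (addr, local, "@" + domain) if k in table), None)

def resolve(table, target, seen=()):
    """Expand one target into a set of (status, value) outcomes."""
    if target in seen:
        return {("loop", target)}
    if "@" not in target:
        return {("user", target)}  # assumption: bare name is a system user
    values = lookup(table, target)
    if values is None:
        return {("unmapped", target)}
    return set().union(*(resolve(table, v, seen + (target,)) for v in values))

def check(table):
    """Return {key: problems} for keys that do not end only at system users."""
    report = {}
    for key, values in table.items():
        outcomes = set().union(*(resolve(table, v, (key,)) for v in values))
        bad = sorted(o for o in outcomes if o[0] != "user")
        if bad:
            report[key] = bad
    return report

if __name__ == "__main__":
    for key, problems in check(parse_table(SAMPLE_VUSERS)).items():
        print(key, "->", problems)
```

An "unmapped" result is not always an error: it also covers deliberate forwards to an external address, so review those entries rather than deleting them.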