On Sat, 5 Mar 2022, Thomas Bohl wrote:

>> I've got a situation which doesn't seem all that unusual, but I can't
>> figure out how to properly set it up with OpenSMTPd on OpenBSD
>> 7.0-release. I need to receive email from anywhere to my local users
>> (most, but not all, of whom should not have accounts on the mailserver)
>> and relay email from any local system to anywhere. Incoming mail for my
>> local users should be saved to /var/virtual/<user>/Maildir (all owned
>> by one special user) for pickup via pop3 or imap.
>
> I hope I understood you correctly.
>
> table aliases file:/etc/mail/aliases
> table mail2user {
>     f...@example.com = user1,
>     b...@example.com = user2,
>     @example.com = user3 }
>
> action "receivedLocally" maildir "/var/virtual/%{dest.user}/Maildir" user onespecialuser alias <aliases>
> action "receivedRemotely" maildir "/var/virtual/%{dest.user}/Maildir" user onespecialuser virtual <mail2user>
> action "relay2Internet" relay
>
> match for local action "receivedLocally"
> match auth from any for domain example.com action "receivedRemotely"
> match auth from any for any action "relay2Internet"
>
> (Untested because I personally only ever use lmtp.)

I've never used lmtp, but I should look into it.

I should have made it more clear that my 'local users' have accounts on
various systems behind my firewall, but mostly not on the mailserver,
and that incoming messages for them already have their proper usernames
though the FQDN may name a specific system (e.g.
example.daveanderson.com) rather than the canonical daveanderson.com.
I do want to run all messages through /etc/mail/aliases to handle mail
to, e.g., postmaster.

One problem with my current hurriedly-thrown-together setup is that
smtpd won't deliver mail to any user without an account on the
mailserver; using userbase and listing all the users I care about would
probably solve that (though what I'd really like is for smtpd to accept
messages for any username where /var/virtual/<username>/Maildir exists,
so I don't need a duplicate list).

>> 'action' interact is murky at best. In particular, the interactions
>> among 'alias', 'userbase', and 'virtual' are not obvious to me, as is
>> exactly what 'userbase' does (though the manpage for table(5) helps).
>
> alias
> xyz: user1
>
> Mails for xyz will be delivered to user1.
>
>
> userbase <foobar>
> Instead of looking into /etc/passwd to get information about the user
> (for example what the /home/dir is) the table foobar is used.
>
>
> virtual
> xyz user1
> z...@example.com user2
> @example.com allexample
> @ all
>
> For a description of the difference between alias and virtual see
> Aliasing tables in man 5 table. (Not sure if one could say alias exists
> more because of tradition. It makes sure that on an unconfigured system
> root gets system messages. (Because of file:/etc/mail/aliases))

Yes, I understand all of that -- but what happens if, for instance, you
specify both alias and virtual for the same action?
And userbase seems like overkill for virtual users with no account on
the mailserver to be delivered to (given that it specifies numeric user
and group), but will it allow accepting mail for the usernames it lists?

>> Also, 'postmaster', and several other names listed in RFC 2142, are
>> supposed to always be processed case-insensitively; I don't see any
>> mention of what, if anything, is done about this. Even if nothing is
>> done an explicit statement to that effect would be useful.
>
> All lookups are case-insensitive.

Given that usernames are allowed to be case-sensitive (as stated in the
second paragraph of RFC 5321 section 2.4: "The local-part of a mailbox
MUST BE treated as case sensitive."), this _really_ ought to be clearly
and obviously stated. Also, note the special status of 'postmaster' in
the final paragraph of section 2.3.5 of RFC 5321: "The reserved mailbox
name "postmaster" may be used in a RCPT command without domain
qualification (see Section 4.1.1.3) and MUST be accepted if so used.".

I think that a prominent statement should be added to the smtpd.conf
manpage, probably something like "All lookups and comparisons of the
user-part of an email address are case-insensitive, and no special
handling is done for any user-part." This is something that anyone
configuring smtpd really should know.

        Dave

-- 
Dave Anderson
<d...@daveanderson.com>
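
Added example (not part of the original message, and not OpenSMTPD project code): one way to avoid the duplicate list mentioned above is to generate the table from the directories that already exist under /var/virtual. It assumes the "name uid:gid:home" userinfo line format from table(5); the uid/gid 1001 and the output path /etc/mail/userbase are placeholders, and keys are lowercased because the thread states that lookups are case-insensitive.

```sh
#!/bin/sh
# Added example, not from the thread. Assumed layout: ROOT/<username>/Maildir.
#
# gen_userbase ROOT UID GID
#   Prints one userinfo line per mail user: "<name><TAB>UID:GID:<home>".
#   Returns 1 if any directory was skipped: a name unsuitable as a table
#   key, or two names that differ only by case (they would share one key,
#   since lookups are case-insensitive).
gen_userbase() {
    root=${1%/} uid=$2 gid=$3 seen=" " rc=0
    for dir in "$root"/*/; do
        [ -d "${dir}Maildir" ] || continue   # no Maildir: not a mail user
        name=$(basename "$dir")
        case $name in
            *[!A-Za-z0-9._-]*)
                echo "skipped '$name': unsafe characters" >&2
                rc=1; continue ;;
        esac
        key=$(printf '%s' "$name" | tr 'A-Z' 'a-z')
        case $seen in
            *" $key "*)
                echo "skipped '$name': duplicate of '$key' ignoring case" >&2
                rc=1; continue ;;
        esac
        seen="$seen$key "
        printf '%s\t%s:%s:%s\n' "$key" "$uid" "$gid" "$root/$name"
    done
    return "$rc"
}

# Example use (placeholder uid/gid and output path):
#   gen_userbase /var/virtual 1001 1001 > /etc/mail/userbase
```

A non-zero exit status means at least one directory was left out of the table, so the skipped names on stderr should be reviewed before the output is installed.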