April 16, 2022 2:50 AM, "Beau Ford" <bf...@0x.co> wrote:
> Gilles,
>
> Thank you for the time and energy you have spent on this. I appreciate it.
>
You're welcome :-)
> On Fri, 15 Apr 2022, gil...@poolp.org wrote:
>
>> Sorry but on a second thought, this is wrong for several reasons.
>>
>> The main one is that aliases transforms recipient addresses BEFORE they are
>> matched
>> to a local user, so imagine you have something like:
>
> OK, that answers my original, fundamental question: why aren't there
> wildcards / catchalls in
> aliases. Now I know. Thanks!
>
>> If I were you, I'd try to fit my use-case in virtual rather than aliases as
>> this is
>> the mechanism intended for what you're trying to do. I had a look at Postfix
>> and if
>> I'm not mistaken they also have catchall part of virtual rather than
>> aliases, which
>> would likely be for the same reasons.
>
> OK.
>
> I worked up an alternative ... I actually only have four aliases so I
> hardcoded them into the conf
> file like this:
>
> # plain old unix usernames
> action "users" mbox
>
> # aliases
> action "abuse" mbox virtual { "ab...@domain.com" = postmaster }
> action "reminders" mbox virtual { "remind...@domain.com" = username }
>
> # catchall
> action "catchall" mbox virtual { "@domain.com" = username }
>
> # explicit match rule for every unix user - all use the "users" action
>
> match from any for any rcpt-to "u...@domain.com" action "users"
> match from any for any rcpt-to "us...@domain.com" action "users"
> match from any for any rcpt-to "us...@domain.com" action "users"
>
> # Next come the aliases
>
> match from any for any rcpt-to "ab...@domain.com" action "abuse"
> match from any for any rcpt-to "remind...@domain.com" action "reminders"
>
> # Last is the catchall
>
> match from any for domain "domain.com" action "catchall"
>
> This is weird and ugly but I am pleased with the actual result - are there
> any dangers or pitfalls
> here that I am not noticing ?
>
not really, but is there a reason you don't merge them as such?
action "users" mbox
action "local_deliver" mbox virtual { "ab...@domain.com" = postmaster,
"remind...@domain.com" = username, "@domain.com" = username }
match from any for any rcpt-to { "u...@domain.com", "us...@domain.com",
"us...@domain.com" } action "users"
match from any for any rcpt-to "@domain.com" action "local_deliver"
or even as such (untested but so you get the idea):
table "vdom" { "us...@domain.com" = user1, "us...@domain.com" = user2,
"us...@domain.com" = user3, "ab...@domain.com" = postmaster,
"remind...@domain.com" = username, "@domain.com" = username }
action "local_deliver" mbox virtual <vdom>
match from any for any rcpt-to <vdom> action <local_deliver>
or as such if you only have a single domain:
table "vdom" { "user1" = "user1", "user2" = "user2", "user3" = "user3", "abuse"
= "postmaster", "reminders" = "username", "@domain.com" = username }
action "local_deliver" mbox virtual <vdom>
match from any for any domain "domain.com" rcpt-to <vdom> action <local_deliver>
I'd use a file to back the table too as this allows updating it and calling
`smtpctl update table vdom`,
rather than having to restart the daemon to update the list of users:
table "vdom" file:/etc/mail/vdom
> Hope the example above helps someone in the future. If future readers wonder
> how I handle multiple
> recipients for a single alias, I just cc: the second or third recipient in
> .procmailrc ... so the
> normal alias syntax of:
>
> user joe,billy,bob
>
> ... is not actually possible ... I have to achieve that with procmail.
>
are you sure ?
I can't test right now but I don't see a reason why { u...@domain.com =
"joe,billy,bob" }
would not work, if it really doesn't that may be a mistake on your side or a
bug on
OpenSMTPD's
> Thanks!
>
> P.S. YES, I did indeed waste two hours on that thing where the rule is
> written:
>
> match from any rcpt-to "gil...@poolp.org" action "out"
>
> ... but it should be:
>
> match from any for any rcpt-to "gil...@poolp.org" action "out"
look at the bright side, the reaosn why you wasted two hours is because it
tried hard
not to let you create a relay that was too open :-]
