April 16, 2022 2:50 AM, "Beau Ford" <bf...@0x.co> wrote: > Gilles, > > Thank you for the time and energy you have spent on this. I appreciate it. >
You're welcome :-) > On Fri, 15 Apr 2022, gil...@poolp.org wrote: > >> Sorry but on a second thought, this is wrong for several reasons. >> >> The main one is that aliases transforms recipient addresses BEFORE they are >> matched >> to a local user, so imagine you have something like: > > OK, that answers my original, fundamental question: why aren't there > wildcards / catchalls in > aliases. Now I know. Thanks! > >> If I were you, I'd try to fit my use-case in virtual rather than aliases as >> this is >> the mechanism intended for what you're trying to do. I had a look at Postfix >> and if >> I'm not mistaken they also have catchall part of virtual rather than >> aliases, which >> would likely be for the same reasons. > > OK. > > I worked up an alternative ... I actually only have four aliases so I > hardcoded them into the conf > file like this: > > # plain old unix usernames > action "users" mbox > > # aliases > action "abuse" mbox virtual { "ab...@domain.com" = postmaster } > action "reminders" mbox virtual { "remind...@domain.com" = username } > > # catchall > action "catchall" mbox virtual { "@domain.com" = username } > > # explicit match rule for every unix user - all use the "users" action > > match from any for any rcpt-to "u...@domain.com" action "users" > match from any for any rcpt-to "us...@domain.com" action "users" > match from any for any rcpt-to "us...@domain.com" action "users" > > # Next come the aliases > > match from any for any rcpt-to "ab...@domain.com" action "abuse" > match from any for any rcpt-to "remind...@domain.com" action "reminders" > > # Last is the catchall > > match from any for domain "domain.com" action "catchall" > > This is weird and ugly but I am pleased with the actual result - are there > any dangers or pitfalls > here that I am not noticing ? > not really, but is there a reason you don't merge them as such? action "users" mbox action "local_deliver" mbox virtual { "ab...@domain.com" = postmaster, "remind...@domain.com" = username, "@domain.com" = username } match from any for any rcpt-to { "u...@domain.com", "us...@domain.com", "us...@domain.com" } action "users" match from any for any rcpt-to "@domain.com" action "local_deliver" or even as such (untested but so you get the idea): table "vdom" { "us...@domain.com" = user1, "us...@domain.com" = user2, "us...@domain.com" = user3, "ab...@domain.com" = postmaster, "remind...@domain.com" = username, "@domain.com" = username } action "local_deliver" mbox virtual <vdom> match from any for any rcpt-to <vdom> action <local_deliver> or as such if you only have a single domain: table "vdom" { "user1" = "user1", "user2" = "user2", "user3" = "user3", "abuse" = "postmaster", "reminders" = "username", "@domain.com" = username } action "local_deliver" mbox virtual <vdom> match from any for any domain "domain.com" rcpt-to <vdom> action <local_deliver> I'd use a file to back the table too as this allows updating it and calling `smtpctl update table vdom`, rather than having to restart the daemon to update the list of users: table "vdom" file:/etc/mail/vdom > Hope the example above helps someone in the future. If future readers wonder > how I handle multiple > recipients for a single alias, I just cc: the second or third recipient in > .procmailrc ... so the > normal alias syntax of: > > user joe,billy,bob > > ... is not actually possible ... I have to achieve that with procmail. > are you sure ? I can't test right now but I don't see a reason why { u...@domain.com = "joe,billy,bob" } would not work, if it really doesn't that may be a mistake on your side or a bug on OpenSMTPD's > Thanks! > > P.S. YES, I did indeed waste two hours on that thing where the rule is > written: > > match from any rcpt-to "gil...@poolp.org" action "out" > > ... but it should be: > > match from any for any rcpt-to "gil...@poolp.org" action "out" look at the bright side, the reaosn why you wasted two hours is because it tried hard not to let you create a relay that was too open :-]