Re: Virtual users @ virtual domains / better documentation?

[Matt Anton]

Le Tue, 09 Mar 2021 08:47:12 -0900,
justina colmena ~biz  a écrit :

> If the $virtual_alias_maps directive invalidates virtual mailboxes,
> then "the usual" aliases (postmaster@, etc.) for the virtual domains
> would have to be listed in
> /etc/aliases
> along with the non-virtual aliases, but this does not work either,
> and generates a warning when "newaliases" is run.
> 
> postalias: warning: /etc/aliases, line 99: name must be local
> 
> So as far as I can tell, no aliasing at all is available for 
> "virtual_mailbox_domains" in postfix

/etc/aliases for local alias only. Use "virtual_alias_maps =
hash:$config_directory/virtual" for virtual addresses
(left-hand) resolution to virtual and or (local addresses if need to)
(right-hand) on this table.

Then set in postfix main.cf the *_transport:
virtual_transport = lmtp:unix:private/dovecot-lmtp # this path is
relative to /var/spool/postfix/
mailbox_transport = ${virtual_transport}

> I am still unsure how to authenticate the virtual users on postfix.
> PAM authentication works fine for non-virtual users. The following
> command gives two options for authentication: cyrus-sasl and
> dovecot-sasl.
> 
> # postconf -a
> cyrus
> dovecot
> 
> Postfix also works with cyrus-sasl if the passwords are set in
> "/etc/sasldb2" via the "saslpasswd2" command, but dovecot doesn't
> seem to work with cyrus-sasl, and has its own type of sasl
> authentication.
> 
> I realize this is not a postfix list, so my real question here is,
> What do I need in order for dovecot to authenticate the virtual users
> and allow them to read their mail and obtain authorization to send
> mail via postfix on the same system?

cyrus-sasl isn't needed if you're running dovecot (dovecot does provide
an SASL authentication socket).

From postfix view, use in main.cf:
smtpd_sasl_security_options = noanymous, noactive, nodictionary
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth # this path is relative to
/var/spool/postfix/

From dovecot view, configure a service auth:

service auth {
unix_listener /var/spool/postfix/private/auth {
  group = postfix
  mode = 0660
  user = postfix
}
}

Then for your virtual users, you'll need to maintain a virtual users
table backend (be it flat file, SQL, etc.):



-- 
matt [at] lv223.org
GPG key ID: 7D91A8CA



pgpIp2syB7yiH.pgp
Description: Signature digitale OpenPGP

Re: Sieve logging?

[Matt Anton via dovecot]

On 13 Jun 2019, at 14:47, @lbutlr wrote:

> What sort of configuration change would I need to do to use LMTP instead of 
> LDA?

Regarding dovecot, all you need to do is following:


 (if postfix is your MTA)
 (if exim is your MTA)

> And are there any downsides?

Not that I’m aware of. Things remained the same as when I was using LDA but 
using LMTP over Dovecot’s LDA brings some advantages like better performances 
(no need to fire up new processes for deliveries) among others one.

There were several threads on the list related to LDA vs LMTP, such as:




> What do I do about
>
> lda_mailbox_autocreate = yes
> lda_mailbox_autosubscribe = yes
>
> ?

They’re also used by LMTP so no need to worry when migrating from LDA to LMTP.
You can check what LDA’s options are specifically also used by LMTP in 
examples/conf.d/15-lda.conf

-- 
matt [at] lv223.org
GPG key ID: 7D91A8CA


signature.asc
Description: OpenPGP digital signature

Re: Sieve logging?

[Matt Anton via dovecot]

On 13 Jun 2019, at 13:40, @lbutlr via dovecot wrote:

> The user is a virtual user with a home folder of 
> /usr/local/virtual/u...@domain.tld/ as defined in the sql file and a mail 
> location of maildir:/usr/local/virtual/u...@domain.tld/Maildir/
>
> /usr/local/virtual/u...@domain.tld/
> ├── .list_local.   \
> ├── .list_procmail  > Left-over files for reference
> ├── .procmailrc.   /
> ├── .sieve
> │  ├── .active_sieve -> list.sieve
> │  └── list.sieve
> ├── .sms_procmail   > Also left for reference
> └── Maildir
>[ All the maildirs and files]
>
> There is no log file. I will specify sieve_user_log = ~/sieve.log and see 
> what happens.

Got too virtual users/domains but instead of LDA I’m delivering through LMTP, 
which logs everything related to mail deliveries (quota, sieve, etc.) to 
/var/log/dovecot_lmtp_debug.log by setting ‘info_log_path’ in dovecot’s conf 
whereas sieve scripts parsing errors are by default logged to user 
~/.dovecot.sieve.log

-- 
matt [at] lv223.org
GPG key ID: 7D91A8CA


signature.asc
Description: OpenPGP digital signature

Re: Sieve logging?

[Matt Anton via dovecot]

On 13 Jun 2019, at 3:25, @lbutlr via dovecot wrote:

> I am trying to create some sieve scripts to filter my mailing lists and am 
> wondering if sieve logs anywhere, and it so where? I don’t see anything in 
> mail.log beyond lines like:
>
> dovecot: lda(krem...@kreme.com)<39790>: sieve: 
> msgid=<267d5d71-d99c-4790-8706-c1a92bcc9...@kreme.com>: stored mail into 
> mailbox ‘INBOX'
>
> Which doesn’t really tell me anything other than that the script failed.

Sieve logs are in users’s homes and can be configured with « sieve_user_log »:

« sieve_user_log =
The path to the file where the user log file is written. If not configured, a 
default location is used. If the main user's personal Sieve (as configured with 
sieve=) is a file, the logfile is set to .log by default. If it is 
not a file, the default user log file is ~/.dovecot.sieve.log. »

More info at 

-- 
matt [at] lv223.org
GPG key ID: 7D91A8CA


signature.asc
Description: OpenPGP digital signature

Re: [FTS Xapian] RC release

[Matt Anton via dovecot]

On 24 Jan 2019, at 14:35, Joan Moreau via dovecot wrote:

> Hi,

Hi Joan,

> FTS Xapian matches my targets for the plugins (replacing deprecated
> fts-squat in a production environment)
> https://github.com/grosjo/fts-xapian
> Please do not hesitate to add "issues" on github, if the case happen
> Hope it helps
> JM

I've been following the recent huge thread about Solr/Xapian as I planned to 
move from old fts-squat that still works ok on 2.3.4 but marked as deprecated 
and really appreciate your effort along with others contributors who helped you 
to make Xapian available as a dovecot fas plugin, thanks!

-- 
matt [at] lv223.org
GPG key ID: 7D91A8CA


signature.asc
Description: OpenPGP digital signature