Re: Setting up virtual mail users
I really gotta remember to reply all. Here's what was between Bobby and I: Here: Home-less Users Having a home directory for users is highly recommended. At a minimum, the Pigeonhole Sieve plugin requires a home directory to work. See Home Directories for Virtual Users for more reasons why it’s a good idea, and how to give Dovecot a home directory even if you don’t have a “real home directory”. If you really don’t want to set any home directory, you can use something like: mail_location = maildir:/home/%u/Maildir https://doc.dovecot.org/configuration_manual/mail_location/ Hide quoted text On Sat, Dec 4, 2021 at 12:34 PM Tyler Montney wrote: > reading in the documentation that user home folders are highly recommended Who (Dovecot or Postfix) and where? As for my configuration, I use /srv/vmail. Just personal preference. Assuming we're talking about using /home/%u, I wouldn't do that because I expect shell users to be there. (It might even go against convention for Linux.) If I'm wrong, someone else correct me as I'm interested to know. On Sat, Dec 4, 2021 at 10:30 AM bobby wrote: I was not planning on using Postfix admin. I would like to go the Virtual Users route... but I was reading in the documentation that user home folders, even for virtual, are highly recommended. Is this true? On Sat, Dec 4, 2021 at 11:14 AM Tyler Montney wrote: I'm confused, are you looking to support virtual users *and* local users, or is this about "only being available via Postfix admin"?
Re: Setting up virtual mail users
On Sun, Dec 05, 2021 at 12:38:00PM +1100, raf wrote: > On Fri, Dec 03, 2021 at 06:11:27PM -0500, bobby > wrote: > > > I stood up my server using these instructions from this website, which have > > gotten me VERY far. However, I'm at a deviation point. I'd like to have > > virtual users (and not require local unix accounts for those "users"), and > > then possibly even forward those emails to a real user, effectively > > masking/masquerading. > > https://www.linuxbabe.com/mail-server/setup-basic-postfix-mail-sever-ubuntu > > I noticed on her site, she has a section for: > > Create Virtual Mailboxes with PostfixAdmin (Ubuntu 18.04, Ubuntu 20.04) > > Trying to avoid a gui when/where possible, for security reasons. I am > > running 20.04 by the way. Just noticed the following bullet point actually > > on her site: > > "command-line client postfixadmin-cli for those who don’t want to click > > around in a web interface", which is probably what I'd do, or would like to > > do. But this is what caught my attention: " > > Note: Once you finish part 3, you can no longer use local Unix accounts as > > email addresses. You must create email addresses from the PostfixAdmin web > > interface." So I'm sure completing these instructions, would break my > > current setup. > > What is the best way to accomplish this? I've been playing around with the > > mysql path - thoughts on this approach? Any good tutorials that anyone can > > recommend, that use dovecot, postfix, and imap? > > I should note, I'd be the only user of this mail server. > > I think that using additional software for managing > virtual domains/users is unnecessary unless you have > large numbers of either, or if they change frequently. > > I have a small number of virtual domains and users and > manage it manually just with Postfix's configuration > files. It looks roughly like this: > > /etc/postfix/main.cf: > virtual_alias_domains = a.org b.org c.org > virtual_alias_maps = hash:/etc/postfix/virtual > virtual_mailbox_domains = virt.a.org > virtual_mailbox_maps = hash:/etc/postfix/vmailbox > virtual_mailbox_base = /var/vmailboxes > # uid 109 = user dovecot > virtual_minimum_uid = 109 > virtual_uid_maps = static:109 > # gid 115 = group dovecot > virtual_gid_maps = static:115 > > /etc/postfix/virtual: > a.org anything > d...@a.org localuser > k...@a.org k...@remote.org > a...@a.org alex.a@virt.a.org > b.org anything > hostmas...@b.org root > postmas...@b.org root > s...@b.org sam.b@virt.a.org > c.org anything > hostmas...@c.org root > postmas...@c.org root > j...@c.org jude.c@virt.a.org > > /etc/postfix/vmailbox: > alex.a.org a...@a.org/Maildir/ > sam.b.org s...@b.org/Maildir/ > jude.c.org j...@c.org/Maildir/ Oops. The /etc/vmailbox contents above should be: alex.a@virt.a.org a...@a.org/Maildir/ sam.b@virt.a.org s...@b.org/Maildir/ jude.c@virt.a.org j...@c.org/Maildir/ > The example above includes delivery to local users, > forwarding to remote users, and to local dovecot > accounts. My setup is a bit different because one of > the virtual domains has lots of addresses, and it is > added to frequently, so it has its own separate virtual > database that I manage with my own scripts. Doing > things manually will give you the flexibility you are > after. And once you are comfortable doing it manually, > you can probably write your own scripts to automate > parts that would benefit from automation, without > having to completely adopt someone else's model. > > The lines containing "anything" aren't necessary. If > they are there, then you don't need to set > virtual_alias_domains in main.cf (by default, Postfix > will find them in the virtual database). If they aren't > there, then you do need to set virtual_alias_domains in > main.cf to tell Postfix what the virtual domains are. > > Be warned that, if you forward to remote users, you > will run into bounces when the sending domain uses > strict SPF (-all). In that case, you will want to setup > SRS-enabled forwarding with postsrsd and postforward. > > That involves aliasing forwarded addresses to a local > entry in /etc/aliases that invokes postforward to > re-submit the mail using SRS addresses obtained from > postsrsd. For example, to change the k...@a.org address > to do this, its line in /etc/postfix/virtual would > change to: > > k...@a.org kim > > And /etc/aliases would contain something like this: > > kim: "/usr/local/bin/postforward k...@remote.org" > > Using postsrsd on its own without postforward rewrites > all envelope sender addresses whether they are > forwarded or not which seems wrong. > > And of course, don't forget to: > > postmap hash:/etc/postfix/virtual > postmap hash:/etc/postfix/vmailbox > > whenever those files are modified. > > cheers, > raf >
Re: Setting up virtual mail users
On Fri, Dec 03, 2021 at 06:11:27PM -0500, bobby wrote: > I stood up my server using these instructions from this website, which have > gotten me VERY far. However, I'm at a deviation point. I'd like to have > virtual users (and not require local unix accounts for those "users"), and > then possibly even forward those emails to a real user, effectively > masking/masquerading. > https://www.linuxbabe.com/mail-server/setup-basic-postfix-mail-sever-ubuntu > I noticed on her site, she has a section for: > Create Virtual Mailboxes with PostfixAdmin (Ubuntu 18.04, Ubuntu 20.04) > Trying to avoid a gui when/where possible, for security reasons. I am > running 20.04 by the way. Just noticed the following bullet point actually > on her site: > "command-line client postfixadmin-cli for those who don’t want to click > around in a web interface", which is probably what I'd do, or would like to > do. But this is what caught my attention: " > Note: Once you finish part 3, you can no longer use local Unix accounts as > email addresses. You must create email addresses from the PostfixAdmin web > interface." So I'm sure completing these instructions, would break my > current setup. > What is the best way to accomplish this? I've been playing around with the > mysql path - thoughts on this approach? Any good tutorials that anyone can > recommend, that use dovecot, postfix, and imap? > I should note, I'd be the only user of this mail server. I think that using additional software for managing virtual domains/users is unnecessary unless you have large numbers of either, or if they change frequently. I have a small number of virtual domains and users and manage it manually just with Postfix's configuration files. It looks roughly like this: /etc/postfix/main.cf: virtual_alias_domains = a.org b.org c.org virtual_alias_maps = hash:/etc/postfix/virtual virtual_mailbox_domains = virt.a.org virtual_mailbox_maps = hash:/etc/postfix/vmailbox virtual_mailbox_base = /var/vmailboxes # uid 109 = user dovecot virtual_minimum_uid = 109 virtual_uid_maps = static:109 # gid 115 = group dovecot virtual_gid_maps = static:115 /etc/postfix/virtual: a.org anything d...@a.org localuser k...@a.org k...@remote.org a...@a.org alex.a@virt.a.org b.org anything hostmas...@b.org root postmas...@b.org root s...@b.org sam.b@virt.a.org c.org anything hostmas...@c.org root postmas...@c.org root j...@c.org jude.c@virt.a.org /etc/postfix/vmailbox: alex.a.org a...@a.org/Maildir/ sam.b.org s...@b.org/Maildir/ jude.c.org j...@c.org/Maildir/ The example above includes delivery to local users, forwarding to remote users, and to local dovecot accounts. My setup is a bit different because one of the virtual domains has lots of addresses, and it is added to frequently, so it has its own separate virtual database that I manage with my own scripts. Doing things manually will give you the flexibility you are after. And once you are comfortable doing it manually, you can probably write your own scripts to automate parts that would benefit from automation, without having to completely adopt someone else's model. The lines containing "anything" aren't necessary. If they are there, then you don't need to set virtual_alias_domains in main.cf (by default, Postfix will find them in the virtual database). If they aren't there, then you do need to set virtual_alias_domains in main.cf to tell Postfix what the virtual domains are. Be warned that, if you forward to remote users, you will run into bounces when the sending domain uses strict SPF (-all). In that case, you will want to setup SRS-enabled forwarding with postsrsd and postforward. That involves aliasing forwarded addresses to a local entry in /etc/aliases that invokes postforward to re-submit the mail using SRS addresses obtained from postsrsd. For example, to change the k...@a.org address to do this, its line in /etc/postfix/virtual would change to: k...@a.org kim And /etc/aliases would contain something like this: kim: "/usr/local/bin/postforward k...@remote.org" Using postsrsd on its own without postforward rewrites all envelope sender addresses whether they are forwarded or not which seems wrong. And of course, don't forget to: postmap hash:/etc/postfix/virtual postmap hash:/etc/postfix/vmailbox whenever those files are modified. cheers, raf
Re: Setting up virtual mail users
On 12/3/2021 4:11 PM, bobby wrote: I noticed on her site, she has a section for: Create Virtual Mailboxes with PostfixAdmin (Ubuntu 18.04, Ubuntu 20.04) Trying to avoid a gui when/where possible, for security reasons. I am running 20.04 by the way. Just noticed the following bullet point actually on her site: "command-line client postfixadmin-cli for those who don’t want to click around in a web interface", which is probably what I'd do, or would like to do. But this is what caught my attention: " Note: Once you finish part 3, you can no longer use local Unix accounts as email addresses. You must create email addresses from the PostfixAdmin web interface." So I'm sure completing these instructions, would break my current setup. I'm using postfixadmin for email user management, in a mysql database, with postfix and dovecot. I'm familiar with using local unix accounts, but back when I did that, I was using sendmail or qmail, not postfix. Postfix is a lot easier to configure. There's no way I would ever go back to local unix accounts for email users. Probably the biggest reason is that I can now support multiple domains very easily. I have it set up so that the username is a full email address, which I considered necessary because I handle multiple domains. My mail server is a dedicated AWS instance for JUST email, users do not have shell accounts. I have servers in my basement for shell access and serving websites other than webmail. I used to also run email out of my basement, but for speed reasons I changed ISPs to one whose client-side public IP addresses are all listed in RBL blocklists, so running email out of my basement is no longer feasible. Postfix uses dovecot services for authentication and delivery. It has no knowledge of the back end storage setup. The backend storage is Maildir. All mailbox access is handled via dovecot with IMAP or POP3. If you have users that want commandline access to their virtual email account, mutt can use an IMAP mailbox, and other commandline MUAs probably can as well. I didn't know about postfixamin-cli, I will need to look into that. But with the web-based GUI, which is really quite nice to use, you could configure your webserver to only allow specific IP addresses. I leave mine open, because my webserver setup only allows https and postfixadmin requires authentication. Thanks, Shawn
Setting up virtual mail users
I stood up my server using these instructions from this website, which have gotten me VERY far. However, I'm at a deviation point. I'd like to have virtual users (and not require local unix accounts for those "users"), and then possibly even forward those emails to a real user, effectively masking/masquerading. https://www.linuxbabe.com/mail-server/setup-basic-postfix-mail-sever-ubuntu I noticed on her site, she has a section for: Create Virtual Mailboxes with PostfixAdmin (Ubuntu 18.04, Ubuntu 20.04) Trying to avoid a gui when/where possible, for security reasons. I am running 20.04 by the way. Just noticed the following bullet point actually on her site: "command-line client postfixadmin-cli for those who don’t want to click around in a web interface", which is probably what I'd do, or would like to do. But this is what caught my attention: " Note: Once you finish part 3, you can no longer use local Unix accounts as email addresses. You must create email addresses from the PostfixAdmin web interface." So I'm sure completing these instructions, would break my current setup. What is the best way to accomplish this? I've been playing around with the mysql path - thoughts on this approach? Any good tutorials that anyone can recommend, that use dovecot, postfix, and imap? I should note, I'd be the only user of this mail server.
