I wrote this Howto based on my experience in trying to get the configuration below. Hope this helps.
Here is what I was trying to achieve: -Receive all email for loorimar.com, spam filter it, send it through the default user's .qmail-default. Mail is forwarded to another mail server. -Receive email for a limited number of virtual users within the loorimar.com domain, allow them access to TMDA-cgi so they can view their pending messages and make config changes. Mail is forwarded to another mail server. -Nobody uses POP3 to retrieve email from the server, it is simply a relay. Here is how I did it: -Install TMDA and TMDA-cgi Most of my email is caught by one user, sebastian, so my /var/qmail/control/virtualdomains looks like this: --snip-- loorimar.com:sebastian ckts.net:ckts --snip-- This directs qmail to send all mail for loorimar.com to ~sebastian/.qmail-default for processing. In my ~sebastian/.qmail-default I have the following: --snip-- |preline /usr/bin/tmda-filter | /var/qmail/bin/forward "$LOCAL"@mailserver.loorimar.com --snip-- Essentially all email is caught by .qmail-default, run through TMDA and forwarded to another mailserver which holds the email ready for POP3 pickup. So far, so good. Now I was trying to create a number of virtual users on my system. ckts had its own domain, so that was easy. Create a system account, configure ~ckts/.qmail-default and make it look like my .qmail-default for sebastian. Add the user for TMDA-cgi authentication, Done Where I really ran into a challenge was to create a virtual user in the loorimar.com domain. Let's say I want all email for loorimar.com to be processed by sebastian, but have all email to [EMAIL PROTECTED] processed separately so I can give them their own login to TMDA-cgi. I ended up with the following configuration: 1. Create a system account for userB, make sure userB has a ~userB/.tmda setup. 2. TMDA-cgi compilation parameters --snip-- What mode should the CGI run in? [system-wide, single-user, no-su] > system-wide Which virtual user stub and parameters should I use for locating virtual users? If your system does not have any virtual users, enter "None". > qmailuserassign /bin/grep ~ /var/qmail/users/assign --snip-- 3. Configure /var/qmail/users/assign: --snip-- =userB:userB:527:501:/home/userB::: =sebastian:sebastian:500:500:/home/sebastian::: =ckts:ckts:523:501:/home/ckts::: . --snip-- After you configure this (and don't forget the single "." on a line by itself) run the /var/qmail/bin/qmail-newu command. This compiles the assign file into a cdb file for faster lookups. Alternatively if you are using Webmin it will do this for you automatically. 4. Add userB to your /var/qmail/control/virtualdomains file I do not store email for userB on system, instead I forward it to her current email account. So my ~userB/.qmail-default reads: --snip-- |preline /usr/bin/tmda-filter | /var/qmail/bin/forward [EMAIL PROTECTED] --snip-- So now my virtualdomains file looks like this: --snip-- loorimar.com:sebastian ckts.net:ckts [EMAIL PROTECTED]:userB --snip-- This takes all email to userB and runs it through the ~userB/.qmail process 5. One last thing, configure a ~sebastian/.qmail-userB-default with the following contents: --snip-- |forward "userB-$DEFAULT"@localhost --snip-- This is neccessary for TMDA to correctly forward challenge responses. Basically the forward command tells qmail to send all email to "[EMAIL PROTECTED]" to userB's system account. Notice how it is userB- (with a dash). It will NOT forward [EMAIL PROTECTED] since that doesn't have a dash between the username and the postfix. Long and complex process, but it works great ;) Anyone out there want to change this process so it will scale more easily? Thanks to Jim Ramsay and Charles Cazabon for their help in getting this worked out. _____________________________________________ tmda-users mailing list ([EMAIL PROTECTED]) http://tmda.net/lists/listinfo/tmda-users
