Design Check

Felix Ingram f.ingram at gmail.com
Sun Oct 31 22:57:51 EET 2021


On Thu, 28 Oct 2021 at 08:29, Felix Ingram <f.ingram at gmail.com> wrote:

> On Thu, 28 Oct 2021 at 00:15, <dovecot at ptld.com> wrote:
>
>> [...]
>
>> > I think my "creating users" was me wanting to make sure that when postfix
>> > passes an email for "barbaz at mydomain.com" to Dovecot, then Dovecot will
>> > store it and wait for someone to come along and impersonate barbaz. i.e.
>> > "barbaz" doesn't have to exist as a user already before Dovecot will
>> > store the mail.
>>
>> If you are using LMTP, dovecot will only accept emails from postfix that
>> it can look up the /directory/path to from one of the userdb{} or
>> passdb{} sections. If dovecot cannot find a match in any of the
>> userdb{} or passdb{} it will reject the email as user unknown, causing
>> postfix to send an undeliverable notice email back to the envelope sender
>> address, also known as back-scatter. I am not aware of a way to use
>> wildcard addresses in dovecot userdb{}, I don't think it's possible but I
>> don't know what I don't know.
>>
>
> So I think this will be the main issue now - there's no way of knowing the
> addresses ahead of time, so it sounds like I'll need to add them to
> userdb{} when they hit postfix and before they get passed to dovecot.
>

Just to close the loop on this - I managed to get this working using
postfix's virtual aliases. I use a postgresql function in the alias lookup
that transforms 'tester at foobar.mydomain.com' into 'foobar at mydomain.com'
and at the same time inserts 'foobar at mydomain.com' into the Dovecot users
table. I then have a separate passdb for master users that can log in and
impersonate the foobar user.

So far this seems to work.

Thanks again to everyone for the help.

Felix
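
The alias lookup described in the message above, sketched as an added example; it is not the poster's actual function. The table `mail_users`, its columns, the function name `provision_alias` and the label pattern are assumptions, and the Postfix map is assumed to call it with `query = SELECT provision_alias('%s')`.

```sql
-- Constructed schema: stand-in for the Dovecot users table (names assumed).
CREATE TABLE IF NOT EXISTS mail_users (
    address text PRIMARY KEY,
    created timestamptz NOT NULL DEFAULT now()
);

-- Hypothetical lookup function for the Postfix virtual alias map.
-- Yields the rewritten address, or no rows when the key is not of the
-- expected form, so Postfix sees "not found" for everything else.
CREATE OR REPLACE FUNCTION provision_alias(lookup_key text)
RETURNS SETOF text
LANGUAGE plpgsql
AS $$
DECLARE
    parts  text[];
    target text;
BEGIN
    -- Accept only <local>@<label>.mydomain.com, where <label> is a single
    -- conservative DNS label of at most 32 characters. Postfix also probes
    -- keys such as '@foobar.mydomain.com'; those have no local part and
    -- fall through without touching the table.
    parts := regexp_match(
        lower(lookup_key),
        '^[^@]+@([a-z0-9]([a-z0-9-]{0,30}[a-z0-9])?)\.mydomain\.com$'
    );
    IF parts IS NULL THEN
        RETURN;
    END IF;

    -- parts[1] is the subdomain label, which becomes the mailbox name.
    target := parts[1] || '@mydomain.com';

    -- Idempotent insert: repeated or concurrent deliveries to the same
    -- address must not fail on the primary key.
    INSERT INTO mail_users (address) VALUES (target)
    ON CONFLICT (address) DO NOTHING;

    RETURN NEXT target;
END;
$$;

-- Constructed sample keys: a full address, then the domain-only probe.
SELECT * FROM provision_alias('tester@foobar.mydomain.com');
SELECT * FROM provision_alias('@foobar.mydomain.com');
```

Because the insert is driven by whatever recipient address arrives at Postfix, the pattern is the only thing bounding which rows get created. The database role used by the Postfix map needs INSERT on the table in addition to the usual SELECT.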