Hello,
I have a general question about userdb and passdb lookups, in my case related to driver=sql.
The documentation and most examples on the Internet seem to assume that a user's login username to access a mailbox is identical to his email-address, or at least to the local-part of this email-address. This setup works fine. But I don't understand how to set up Dovecot when login username and email addresses differ. Or to say it in other words, how to map email addresses to mailbox users.
I need a sql password_query for passdb to validate the password for a given login name during SMTP or SASL authentication. Let's say the credentials are "user-1"/"anypassword", then the query is similar to "select password from mailboxes where username='%u'".
The next step, user_query for userdb is executed to get storage information for user "user-1". This query must also search for the username "user-1", not for an email address: "select home, mail from mailboxes where username='%u'".
So far, so good. But:
For incoming mails via LMTP, my user_query from userdb is being executed with the email-address as search parameter (instead of the login name), so it fails. I miss a third query that maps one user to each email address for delivery, prior to the userdb lookup. For example:
    bob@example.org => user-1
    eve@example.org => user-1
    ted@example.org => user-2
    @catchall.org => user-3
"select username from addr_maps where addr='%n@%d'".
What is the correct setup for this scenario?
I've found two solutions that seem to work, but I'm not sure if they are really failsafe.
I) I use driver=prefetch as a first userdb, so for authentication, only the password_query from passdb is relevant and returns all mailbox details. A second userdb does a user_query lookup against email-addresses and is only called for incoming mails.
    passdb {
      driver = sql
      args = /etc/dovecot/sql-check-user.conf
    }
    userdb {
      driver = prefetch
    }
    userdb {
      driver = sql
      args = /etc/dovecot/sql-check-addr.conf
    }
II) The second userdb performs lookups against usernames (as in the passwd query), but I place a third userdb {} within the lmtp's protocol section, which does an address lookup instead of a username lookup:
    protocol lmtp {
      userdb {
        driver = sql
        args = /etc/dovecot/sql-check-addr.conf
      }
    }
    passdb {
      driver = sql
      args = /etc/dovecot/sql-check-user.conf
    }
    userdb {
      driver = sql
      args = /etc/dovecot/sql-check-user.conf
    }
What do you think, is there a better solution?
- greetings Andreas
Dovecot Version: 2.2.27 (c0f36b0)
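
The address-to-user mapping asked about above, as an added example that is not part of the original post and is not Dovecot code: a Python/sqlite3 simulation of an address-keyed lookup that joins addr_maps to mailboxes in one statement and prefers an exact address over a domain catch-all. The column layout, the sample rows (including the extra info@catchall.org row) and the function names are assumptions made for illustration.

```python
import sqlite3

def build_db():
    """In-memory database with constructed sample rows mirroring the post."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE mailboxes (username TEXT PRIMARY KEY, password TEXT,
                                home TEXT, mail TEXT);
        CREATE TABLE addr_maps (addr TEXT PRIMARY KEY,
                                username TEXT NOT NULL REFERENCES mailboxes(username));
        INSERT INTO mailboxes VALUES
          ('user-1', 'constructed-hash', '/var/vmail/user-1', 'maildir:~/Maildir'),
          ('user-2', 'constructed-hash', '/var/vmail/user-2', 'maildir:~/Maildir'),
          ('user-3', 'constructed-hash', '/var/vmail/user-3', 'maildir:~/Maildir');
        INSERT INTO addr_maps VALUES
          ('bob@example.org', 'user-1'), ('eve@example.org', 'user-1'),
          ('ted@example.org', 'user-2'), ('@catchall.org', 'user-3'),
          ('info@catchall.org', 'user-2');  -- constructed: exact beats catch-all
    """)
    return db

# Resolve a recipient address to the login name plus its storage fields.
# An exact match sorts ahead of the '@domain' catch-all row.
ADDR_QUERY = """
    SELECT m.username, m.home, m.mail
    FROM addr_maps a JOIN mailboxes m ON m.username = a.username
    WHERE a.addr IN (:full, :catchall)
    ORDER BY (a.addr = :full) DESC
    LIMIT 1
"""

def lookup_by_address(db, address):
    """Return {'user', 'home', 'mail'} for a recipient address, or None."""
    local, sep, domain = address.strip().lower().rpartition("@")
    if not sep or not local or not domain:
        return None  # not a full local@domain address
    params = {"full": f"{local}@{domain}", "catchall": f"@{domain}"}
    row = db.execute(ADDR_QUERY, params).fetchone()  # bound parameters, no string splicing
    return None if row is None else dict(zip(("user", "home", "mail"), row))

if __name__ == "__main__":
    db = build_db()
    for rcpt in ("bob@example.org", "x@catchall.org", "info@catchall.org", "nobody@example.org"):
        print(rcpt, "->", lookup_by_address(db, rcpt))
```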