Le Tue, 09 Mar 2021 08:47:12 -0900, justina colmena ~biz justina@colmena.biz a écrit :
If the $virtual_alias_maps directive invalidates virtual mailboxes, then "the usual" aliases (postmaster@, etc.) for the virtual domains would have to be listed in /etc/aliases along with the non-virtual aliases, but this does not work either, and generates a warning when "newaliases" is run.
postalias: warning: /etc/aliases, line 99: name must be local
So as far as I can tell, no aliasing at all is available for "virtual_mailbox_domains" in postfix
/etc/aliases for local alias only. Use "virtual_alias_maps = hash:$config_directory/virtual" for virtual addresses (left-hand) resolution to virtual and or (local addresses if need to) (right-hand) on this table.
Then set in postfix main.cf the *_transport: virtual_transport = lmtp:unix:private/dovecot-lmtp # this path is relative to /var/spool/postfix/ mailbox_transport = ${virtual_transport}
I am still unsure how to authenticate the virtual users on postfix. PAM authentication works fine for non-virtual users. The following command gives two options for authentication: cyrus-sasl and dovecot-sasl.
# postconf -a cyrus dovecotPostfix also works with cyrus-sasl if the passwords are set in "/etc/sasldb2" via the "saslpasswd2" command, but dovecot doesn't seem to work with cyrus-sasl, and has its own type of sasl authentication.
I realize this is not a postfix list, so my real question here is, What do I need in order for dovecot to authenticate the virtual users and allow them to read their mail and obtain authorization to send mail via postfix on the same system?
cyrus-sasl isn't needed if you're running dovecot (dovecot does provide an SASL authentication socket).
From postfix view, use in main.cf: smtpd_sasl_security_options = noanymous, noactive, nodictionary smtpd_sasl_type = dovecot smtpd_sasl_path = private/auth # this path is relative to /var/spool/postfix/
From dovecot view, configure a service auth:
service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } }
Then for your virtual users, you'll need to maintain a virtual users table backend (be it flat file, SQL, etc.):
https://doc.dovecot.org/configuration_manual/authentication/
-- matt [at] lv223.org GPG key ID: 7D91A8CA