On Wed, May 12, 2010 at 04:20, Steffen Kaiser wrote:

> actually it looks like, nobody uses passwd-file like you do :)

This aspect can be changed, if needed. If needed, one big file with
user@domain in the first colon-separated field would be doable, too.

> The doc at http://wiki.dovecot.org/AuthDatabase/PasswdFile would lead to
> your assumption of operation, that is:

Yes, the user will need to provide the full user@domain they want to login
as. Just user alone is insufficient in some cases, and even if user fred is
only in one domain today, it might also be in another domain, tomorrow. So
all users will need to login with user@domain.

The initial scheme was looking for user by itself in a passwd-file format
file identified with domain name. But this can be changed to looking for
user@domain (which seems pointless unless it is one big file).

> Overwrite?

It looks like my understanding of %n and %u was swapped. But that shouldn't
affect %d. I can't imagine that by using %u it would cause %d to be empty
(as in "oh, domain is already used, can't use it again").

I'd be using CDB format if it were available. So far, passwd-file is the
only plain file format Dovecot supports. Postfix supports CDB and others,
but not passwd-file. I wish there was common ground there. That or the
Berkeley-DB format.

Yet another "format" I suggested many years ago is not supported anywhere
(except in some code I wrote unrelated to email). That "format" is where
the key is a file name in a specified directory, and the contents of that
file would be the value yielded. It's a wasteful format in filesystems like
ext2/3, but in reiserfs it works well as long as tail packing is not
disabled.

> Could you verify that the domain gets stripped by setting mail_debug,
> auth_verbose and auth_debug?

Gonna work on that, today.

> This page http://wiki.dovecot.org/VirtualUsers catches my eyes:
>
> "In the above examples users are expected to log in as "user@domain".
> Their mail is kept in their home directory at
> /home/<domain>/<username>/Maildir.
>
> The usernames in the passwd and shadow files are expected to contain only
> the user part, no domain. This is because the path itself already contained
> %d to specify the domain. If you want the files to contain full
> user@domain names, you can use %0.d instead of %d."
>
> This is exactly what you want, IMO.

I believe so. But I'm still not so sure Postfix's idea of "virtual users"
is the same. I need to try it both ways. I do know in the past, virtual_*
in Postfix was treating all domains as one and didn't work right for what I
was doing (didn't involve Dovecot way back then).

> These pages also describe your idea:
>
> http://neranjara.org/article/title/How_to_configure_PostFix_and_Dovecot_for_...
> http://serverfault.com/questions/80590/how-do-i-persuade-dovecot-and-postfix...

They do seem to be using %d in the same kind of way I'm expecting to. I'll
look these over to see if any differences in how other parts are configured
can make sure %d has the recipient's domain.
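
A simplified model of the lookup discussed in this thread, added here as an example; it is not code from either poster or from Dovecot. It assumes %u is the full login, %n the part before "@" and %d the part after it, and shows the per-domain file keyed by %n, the one-big-file layout keyed by %u, and what happens when the login has no domain or the key variable is swapped. The `all-users` file name, the `example.*` domains, the password fields and the login check in `LOGIN_RE` are constructed for the example.

```python
import os
import re
import tempfile

LOGIN_RE = re.compile(r"[A-Za-z0-9._-]+(@[A-Za-z0-9]([A-Za-z0-9.-]*[A-Za-z0-9])?)?")

def expand(template, login):
    """Expand %u (full login), %n (user part), %d (domain part); reject path-like input."""
    if not LOGIN_RE.fullmatch(login):
        raise ValueError("login is not user or user@domain")
    user, _, domain = login.partition("@")
    for var, value in (("%u", login), ("%n", user), ("%d", domain)):
        template = template.replace(var, value)
    return template

def lookup(path_template, key_template, login):
    """Return the fields of the line whose first field equals the key, else None."""
    path, key = expand(path_template, login), expand(key_template, login)
    if not os.path.isfile(path):
        return None
    with open(path, encoding="utf-8") as fh:
        for line in fh:
            fields = line.rstrip("\n").split(":")
            if fields[0] == key:
                return fields
    return None

def build_sample(root):
    """Write constructed sample data: one file per domain plus one big file."""
    for domain in ("example.com", "example.org"):
        os.makedirs(os.path.join(root, domain))
        with open(os.path.join(root, domain, "passwd"), "w", encoding="utf-8") as fh:
            fh.write("fred:{PLAIN}constructed-%s\n" % domain)
    with open(os.path.join(root, "all-users"), "w", encoding="utf-8") as fh:
        fh.write("fred@example.com:{PLAIN}constructed-big\n")

def demo():
    with tempfile.TemporaryDirectory() as root:
        build_sample(root)
        per_domain, big = os.path.join(root, "%d", "passwd"), os.path.join(root, "all-users")
        return {
            "com": lookup(per_domain, "%n", "fred@example.com"),
            "org": lookup(per_domain, "%n", "fred@example.org"),
            "bare": lookup(per_domain, "%n", "fred"),  # %d expands to ""
            "swapped": lookup(per_domain, "%u", "fred@example.com"),  # %u used where %n belongs
            "big": lookup(big, "%u", "fred@example.com"),
        }

if __name__ == "__main__":
    print(demo())
```

In this model the bare login and the swapped key both fail to match, but for different reasons: the first resolves to a path with an empty domain component, the second finds the right file and compares the wrong key.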