[Dovecot] pgsql configuration
from the pgsql configuration file:

# Query to retrieve the password.
#
# The query should return one row, one column. If more than one row or column
# is returned, authentication will automatically fail.
#
# Available substitutions:
#   %u = entire userid
#   %n = user part of user@domain
#   %d = domain part of user@domain
#

# Query to retrieve the user information.
#
# The query must return only one row. The columns to return are:
#   home - Home directory
#   mail - MAIL environment
#   system_user - System user name (for getting user's groups from /etc/group)
#   uid - System UID
#   gid - System GID
#
# Either home or mail is required. uid and gid are required. If more than one
# row is returned or there's missing fields, login will automatically fail.
#
I'm a bit slow here, so if someone could just nod if I'm in the right direction:
I want to support IMAP for at least two domains. Therefore I have to use the authentication string of: SELECT password FROM users WHERE userid = '%u' and the user must enter their entire email address for their login name. (I can do this!)
I want some portion of these domains and users to be consistent with existing accounts in my /etc/passwd database. I don't expect to use passwd information for the username and password, but I want the information returned for joe@domain2.com to be for the user:joe in my passwd file and have his email in /home/joe/Maildir. Similarly, I want others (either fred@domain2.com or jane@domain1.com) to be (ideally) all driven under a non-local account name and login.
For this second one, I'm thinking I need to do something like this in the user information query (this is mostly a guess):

for joe@domain2.com (/etc/passwd) :: jane@domain1.com (no passwd)
home - /home/joe --or-- can I use ~/ :: /var/spool/imap/%d/%n ??
mail - maildir:~/Maildir :: maildir:/var/spool/imap/%d/%n ??
system_user - joe :: (a guess -- adduser dovecot-imap to passwd maybe)
uid - joe's uid (1002) :: dovecot-imap uid (510)
gid - joe's gid (1001) :: dovecot-imap gid (510) with separate group
This is where I get fuzzy. If someone could help me figure out where I went wrong I would appreciate it.
If I did this correctly, then in theory I could pass email delivery to procmail and have one set of rules (/etc/procmail) do some additional filtering for all the email under my domain1.com (spam filtering mostly) and perform a final delivery to maildirs in /var/spool/imap/domain1.com/jane/
Or am I sleep deprived?
On Tue, 2004-06-08 at 03:58, Tom Allison wrote:
> I want to support IMAP for at least two domains. Therefore I have to use the authentication string of: SELECT password FROM users WHERE userid = '%u' and the user must enter their entire email address for their login name. (I can do this!)
Either that, or where userid = '%n' and domain = '%d' (might be useful to separate the domain for some statistical purposes or similar later).
> I want some portion of these domains and users to be consistent with existing accounts in my /etc/passwd database. I don't expect to use passwd information for the username and password, but I want the information returned for joe@domain2.com to be for the user:joe in my passwd file and have his email in /home/joe/Maildir. Similarly, I want others (either fred@domain2.com or jane@domain1.com) to be (ideally) all driven under a non-local account name and login.
With 0.99.10 you can't have more than one userdb/passdb, so all your users have to be in either postgresql or passwd file. If you need to have some syncing between them, you'll have to do it some other way (cron jobs or something).
Or, you could take the last 1.0-test release, but use the imap binary from 0.99.10 as it's buggy in 1.0-tests, and use something like:
auth postgres {
  mechanisms = plain
  userdb = pgsql /etc/dovecot-pgsql.conf
  passdb = pgsql /etc/dovecot-pgsql.conf
}

auth pam {
  mechanisms = plain
  userdb = passwd
  passdb = pam
}
In that case Dovecot first tries postgresql; if it fails, it tries PAM. Users in passwd would then log in without the @domain part.
> For this second one, I'm thinking I need to do something like this in the user information query (this is mostly a guess):
> for joe@domain2.com (/etc/passwd) :: jane@domain1.com (no passwd)
> home - /home/joe --or-- can I use ~/ :: /var/spool/imap/%d/%n ??
When you're defining home directory itself, ~/ is a bit ambiguous :) /var/spool/imap/%d/%n is fine, the mail would then be stored in /var/spool/imap/%d/%n/Maildir.
Except %d / %n doesn't work in actually inserted postgresql rows, so you'd have to store /var/spool/imap/domain.com/user there directly. Or create a view which returns the home directory based on username/domain.
> mail - maildir:~/Maildir :: maildir:/var/spool/imap/%d/%n ??
mail isn't required to be set, and probably shouldn't be if you don't need it. It's mostly useful for overriding the default_mail_env setting in the configuration file, i.e. if someone has their mails elsewhere than ~/Maildir (assuming default_mail_env = maildir:~/Maildir).
> system_user - joe :: (a guess -- adduser dovecot-imap to passwd maybe)
It's used only to get groups for the user in the /etc/group file. You probably don't need to set it at all.
> uid - joe's uid (1002) :: dovecot-imap uid (510)
> gid - joe's gid (1001) :: dovecot-imap gid (510) with separate group
Depends on what "dovecot-imap" is. It should be different from what you've set in login_user. For example, create a new system user for "domain.com" and use its uid/gid for all virtual users in that domain.
> If I did this correctly, then in theory I could pass email delivery to procmail and have one set of rules (/etc/procmail) do some additional filtering for all the email under my domain1.com (spam filtering mostly) and perform a final delivery to maildirs in /var/spool/imap/domain1.com/jane/
I don't know how global procmail config works, but I guess you could use ~/Maildir/.Spam/ or similar in there.
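
Added example, not part of the original thread: one way to build the view suggested in the reply above, so the home directory is derived from username and domain instead of relying on %d/%n inside stored rows. The table layout, the view name `dovecot_users` and the role name `dovecot_ro` are assumptions; the uid/gid values and paths are the ones from the question.

```sql
-- Hypothetical schema: userid holds the local part (%n), domain holds %d.
CREATE TABLE users (
    userid   varchar(64)  NOT NULL,
    domain   varchar(128) NOT NULL,
    password varchar(128) NOT NULL,
    uid      integer      NOT NULL,
    gid      integer      NOT NULL,
    home     text,                   -- NULL means "derive from domain/userid"
    -- One row per login: a second matching row would make the lookup fail,
    -- as the configuration comments state.
    PRIMARY KEY (userid, domain)
);

-- The view computes the home directory for virtual users and passes through
-- an explicit one (e.g. /home/joe) where it is stored. It also leaves the
-- password column out of what the user lookup can see.
CREATE VIEW dovecot_users AS
SELECT userid,
       domain,
       uid,
       gid,
       COALESCE(home, '/var/spool/imap/' || domain || '/' || userid) AS home
FROM users;

-- Constructed sample rows using the values from the question.
INSERT INTO users (userid, domain, password, uid, gid, home)
VALUES ('joe',  'domain2.com', '<password hash>', 1002, 1001, '/home/joe');
INSERT INTO users (userid, domain, password, uid, gid, home)
VALUES ('jane', 'domain1.com', '<password hash>', 510, 510, NULL);

-- The account Dovecot connects with only needs to read (role name is
-- hypothetical and must already exist).
GRANT SELECT ON users, dovecot_users TO dovecot_ro;

-- Password query, split on user and domain as suggested in the reply:
SELECT password FROM users WHERE userid = '%n' AND domain = '%d';

-- User information query: one row with home, uid and gid.
--   joe@domain2.com  -> /home/joe,                        1002, 1001
--   jane@domain1.com -> /var/spool/imap/domain1.com/jane,  510,  510
SELECT home, uid, gid FROM dovecot_users
WHERE userid = '%n' AND domain = '%d';
```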
Participants (2): Timo Sirainen, Tom Allison