Hi,
I've been using postfix and dovecot for a few years, and have been doing public mailboxes with dovecot-lda, using a postfix transport that looks like (line wrapped for the mailer):
my-public-transport unix - n n - - pipe
flags=DRhu user=vmail:vmail argv=/usr/bin/spamc -u <me> -e
/usr/lib/dovecot/dovecot-lda -f ${sender} -d <me> -m public/${user}
So messages first passed to spamassassin, using my own personal config for bayes rules, then to dovecot-lda, using my user for auth, and finally delivering to a public/* mailbox, with acl rules for access.
I'm moving spamassassin to a mimedefang milter, so that's out of the equation; and LDA to LMTP, so the postfix config simply becomes:
virtual_transport = lmtp:unix:private/dovecot-lmtp
That's much nicer, but I'm not sure how to handle the public mailbox using LMTP.
How are people doing this? While Googling I saw a recommendation to create a virtual user for the public mailboxes, and then presumably Postfix would map "info@mydomain.com" to "publicuser+info@mydomain.com" and I would go from there. But that seems a little weird: I don't want anyone to be able to log in as publicuser, nor to send mail as that user (Postfix uses Dovecot for auth). Yet I don't seem to be able to pass other arguments to lmtp, that might indicate which user to use for auth.
Does anyone have a clean solution for this?
Thanks in advance, Eric
Eric Abrahamsen via dovecot dovecot@dovecot.org writes:
Hi,
I've been using postfix and dovecot for a few years, and have been doing public mailboxes with dovecot-lda, using a postfix transport that looks like (line wrapped for the mailer):
my-public-transport unix - n n - - pipe flags=DRhu user=vmail:vmail argv=/usr/bin/spamc -u <me> -e
/usr/lib/dovecot/dovecot-lda -f ${sender} -d <me> -m public/${user}So messages first passed to spamassassin, using my own personal config for bayes rules, then to dovecot-lda, using my user for auth, and finally delivering to a public/* mailbox, with acl rules for access.
I'm moving spamassassin to a mimedefang milter, so that's out of the equation; and LDA to LMTP, so the postfix config simply becomes:
virtual_transport = lmtp:unix:private/dovecot-lmtp
That's much nicer, but I'm not sure how to handle the public mailbox using LMTP.
How are people doing this? While Googling I saw a recommendation to create a virtual user for the public mailboxes, and then presumably Postfix would map "info@mydomain.com" to "publicuser+info@mydomain.com" and I would go from there. But that seems a little weird: I don't want anyone to be able to log in as publicuser, nor to send mail as that user (Postfix uses Dovecot for auth). Yet I don't seem to be able to pass other arguments to lmtp, that might indicate which user to use for auth.
What I ended up doing, which is working out very nicely, is nesting another userdb inside the lmtp protocol stanza:
protocol lmtp { # ... userdb { passwd-file args = /etc/dovecot/publicuser.db } }
That database defines my public user, public@mydomain.net, and its mail/home arguments, but it's only valid for the LMTP transport -- it's not available for IMAP login, nor postfix SMTP authentication. Its mailboxes are only accessible by other users, via acl files.
Postfix's virtual_alias_maps contain entries like:
info@mydomain.net public@mydomain.net
Then sieve rules in the public user's directory look at the "to" header (envelope "to" is always public@mydomain.net) and shunt the mail into the right mailbox.
This works great (though I'm a tiny bit uncomfortable that the Delivered-To header still contains "public@mydomain.net").
Later I changed postfix's config to:
info@mydomain.net public+info@mydomain.net
That way I didn't need a sieve script at all, only needed make sure recipient_delimiter was "+", and lmtp_save_to_detail_mailbox was "yes".
Hope this is useful for posterity...
Eric
participants (1)
-
Eric Abrahamsen