How to map email addresses to usernames?

Andreas Born dovecot at abotech.de
Tue Oct 10 05:26:33 EEST 2017 

Hello,

I have a general question about userdb and passdb lookups, in my case related
to driver=sql.

The documentation and most examples in the internet seem to assume that a
user's login username to access a mailbox is identical to his email-address,
or at least to the local-part of this email-address. This setup works fine.
But I don't understand how to setup dovecot, when login username and email
adresses differ. Or to say it in other words, how to map email-adresses to
mailbox users.

I need a sql password_query for passdb to validate the password for a given
login name during SMTP or SASL authentication. Lets say the credentials are
"user-1"/"anypassword", then the query is similar to "select password from
mailboxes where username='%u'".

The next step, user_query for userdb is executed to get storage information
for user "user-1". This query must also search for the username "user-1", not
for an email-adress: "select home, mail from mailboxes where username='%u'".

So far, so good. But:

For incoming mails via LMTP, my user_query from userdb is being executed with
the email-address as search parameter (instead of the login name), so it
fails. I miss a third query that maps one user to each email address for
delivery, prior to the userdb lookup. For Example:

bob at example.org => user-1
eve at example.org => user-1
ted at example.org => user-2
@catchall.org   => user-3

"select username from addr_maps where addr='%n@%d'".

What is the correct setup for this szenario?

I've found two solutions that seem to work, but i'm not sure if they are
really failsafe.

I) I use driver=prefetch as a first userdb, so for authentication, only the
password_query from passdb is relevant and returns all mailbox details. A
second userdb does a user_query lookup against email-addresses and is only
called for incoming mails.

passdb {
    driver = sql
    args = /etc/dovecot/sql-check-user.conf	
}
userdb {
    driver = prefetch
}
userdb {
    driver = sql
    args = /etc/dovecot/sql-check-addr.conf	
}


II) The second userdb performs lookups against usernames (as in the passwd
query), but I place a third userdb {} within the lmtp's protocol section,
which does a address lookup instead of a username lookup:

protocol lmtp {
    userdb {
        driver = sql
        args = /etc/dovecot/sql-check-addr.conf	
    }
}

passdb {
    driver = sql
    args = /etc/dovecot/sql-check-user.conf	
}
userdb {
    driver = sql
    args = /etc/dovecot/sql-check-user.conf	
}


What do you think, is there a better solution?




- greetings
Andreas



Dovecot Version: 2.2.27 (c0f36b0)

More information about the dovecot mailing list