LMTP Post login script for acl_groups

lists at mlserv.org lists at mlserv.org
Wed Aug 28 21:17:22 EEST 2019



> Am 28.08.2019 um 20:11 schrieb Aki Tuomi via dovecot <dovecot at dovecot.org>:
> 
> 
>> On 28/08/2019 21:07 R.N.S. via dovecot <dovecot at dovecot.org> wrote:
>> 
>> 
>>> Am 28.08.2019 um 20:02 schrieb Aki Tuomi via dovecot <dovecot at dovecot.org>:
>>> 
>>> 
>>>> On 28/08/2019 21:01 R.N.S. via dovecot <dovecot at dovecot.org> wrote:
>>>> 
>>>> 
>>>>> Am 28.08.2019 um 19:46 schrieb Jakobus Schürz via dovecot <dovecot at dovecot.org>:
>>>>> 
>>>>> I think, i had the same problem as you.
>>>>> 
>>>>> When dovecot runs lmtp, no user is logged in, so there is no user from
>>>>> which you can get groups. So i think, my solution is (not really sure,
>>>>> if this is right, it's a long time ago, i played around) this transport
>>>>> in exim for local delivery
>>>>> 
>>>>> dovecot_delivery:             
>>>>> debug_print = "T: dovecot_delivery_pipe for $local_part@$domain
>>>>> translates to GET_LOCAL_MAIL"
>>>>> driver = pipe               
>>>>> command = /usr/lib/dovecot/deliver -d "GET_LOCAL_MAIL"
>>>>> message_prefix =
>>>>> message_suffix =
>>>>> delivery_date_add
>>>>> envelope_to_add             
>>>>> return_path_add             
>>>>> log_output
>>>>> user = MAILUSER
>>>>> group = MAILUSER
>>>>> 
>>>>> I have a really sophisticated setup with ldap... so GET_LOCAL_MAIL and
>>>>> MAILUSER are makros which get the email-adress and the mailuser for the
>>>>> receiving emailadress.
>>>>> 
>>>>> GET_LOCAL_MAIL could be $local_part@$domain
>>>>> MAILUSER is vmail in my setup, the user who owns all mailboxes
>>>>> 
>>>>> /usr/lib/dovecot/deliver is an alternative for the lmtp-delivery.
>>>> 
>>>> Unfortunately this way Postfix and Dovecot need to run on the same host.
>>>> 
>>>> I wonder, if this is a LMTP or Sieve issue. Maybe something can be done in sieve configuration to solve this?
>>>> 
>>>> Is there nobody from @Dovecot who could give some feedback :-) please :-)
>>>> 
>>>> Thanks
>>>> 
>>>> Christian
>>> 
>>> It could be possible to solve this with auth lua script that would allow returning the acl groups as a string, instead of using post-login script.
>> 
>> Does that mean, I would give a second userdb with a Lua script?
>> 
>> Can I combine LDAP and Lua backends? Are both read together or is it a first-match-wins decision?
>> 
>> Christian
> 
> You can combine them, dovecot allows you to decide if you want first-match or all of them.
> 
> See https://doc.dovecot.org/configuration_manual/authentication/user_databases_userdb

Ah, ok. I see the result* fields.

I will have a closer look at the Lua documentation in the Wiki. I may probably come back later :-)

Christian


More information about the dovecot mailing list