| From | Sent On | Attachments |
|---|---|---|
| Lindsay Haisley | Mar 30, 2002 6:12 pm | |
| Sam Varshavchik | Mar 30, 2002 7:43 pm | |

| Subject: | [courier-users] Making virtual accounts work - a solution | |
|---|---|---|
| From: | Lindsay Haisley (fmou...@fmp.com) | |
| Date: | Mar 30, 2002 6:12:42 pm | |
| List: | net.sourceforge.lists.courier-users | |
Getting virtual accounts to work in courier wasn't easy, but here's my solution. I got some help from Sam (Thanks!) and did a lot of poking and experimenting in authmysqlrc. There's a special problem with some mail clients, such as Eudora, which store POP account information in the format user@pop_host and have difficulty with user account names containing "@", which is the simplest situation with virtual accounts. A POP host spec in Eudora of "user@domain@mailhost" gets parsed as user "user", mail host "domain@mailhost" rather than user "user@domain", mail host "mailhost".
I used a mysql courier.passwd table with the following structure:
+-------------+------------------+------+-----+---------+-------+
| Field       | Type             | Null | Key | Default | Extra |
+-------------+------------------+------+-----+---------+-------+
| id          | char(128)        |      | MUL |         |       |
| crypt       | char(128)        |      |     |         |       |
| clear       | char(128)        |      |     |         |       |
| name        | char(128)        |      |     |         |       |
| uid         | int(10) unsigned |      |     | 65534   |       |
| gid         | int(10) unsigned |      |     | 65534   |       |
| home        | char(255)        |      |     |         |       |
| maildir     | char(255)        |      |     |         |       |
| quota       | char(255)        |      |     |         |       |
| domain_name | char(60)         |      |     | fmp.com |       |
+-------------+------------------+------+-----+---------+-------+
I set up hosteddomains to include all domains for virtual accounts.
Make sure that in authmysqlrc you have DEFAULT_DOMAIN set to something. Anything will do; otherwise mysql queries on bare ID's will fail in MYSQL_SELECT_CLAUSE and authdaemon will return "Service temporarily unavailable" and not fall through if you have chaining authentication modules.
Set MYSQL_SELECT_CLAUSE to:
select id,crypt,uid,gid,clear,home,maildir,quota,name from courier.passwd where (id="$(local_part)" and domain_name="$(domain)") or CONCAT(id, "%", domain_name)="$(local_part)"
(all one line)
User ID's for virtual accounts are stored without a domain name.
If the database contains an id "friend" with a domain_name of "frobniz.com", an esmtp "rcpt_to: <fri...@frobniz.com>" will find the appropriate virtual account and allow incoming email. Authmysql will _also_ authenticate "friend%frobniz.com" for the purpose of POP3 logins, which allows Eudora to see the account. As a side effect, mail to "frie...@frobniz.com" will also be delivered, but I don't think this is cause for concern.
--
Lindsay Haisley       | "Everything works | PGP public key
FMP Computer Services | if you let it"    | available at
512-259-1190          | (The Roadie)      | <http://www.fmp.com/pubkeys>
http://www.fmp.com    |                   |
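
The following is an added example, not part of the original post or of Courier's code: it replays the WHERE clause from MYSQL_SELECT_CLAUSE against an in-memory SQLite table to show which login strings resolve to which row, including that the second OR branch does not constrain the domain. It assumes the login is split at "@" with DEFAULT_DOMAIN filling in a missing domain, substitutes SQLite's `||` for `CONCAT()`, binds parameters instead of interpolating text, and uses constructed rows and logins.

```python
import sqlite3

DEFAULT_DOMAIN = "fmp.com"  # assumption: any non-empty value, as the post advises

# The post's WHERE clause with bound parameters; SQLite's || stands in for CONCAT().
# '%' is a literal character here because the comparison is '=', not LIKE.
LOOKUP = """
SELECT id, domain_name FROM passwd
WHERE (id = :local_part AND domain_name = :domain)
   OR (id || '%' || domain_name) = :local_part
"""


def split_login(login):
    """Assumed split: text before '@' is local_part; no '@' means DEFAULT_DOMAIN."""
    local_part, sep, domain = login.partition("@")
    return local_part, (domain if sep else DEFAULT_DOMAIN)


def make_db():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE passwd (id TEXT, domain_name TEXT)")
    # Constructed sample rows: the same id exists in two hosted domains.
    db.executemany("INSERT INTO passwd VALUES (?, ?)",
                   [("friend", "frobniz.com"), ("friend", "fmp.com")])
    return db


def lookup(db, login):
    local_part, domain = split_login(login)
    params = {"local_part": local_part, "domain": domain}
    return db.execute(LOOKUP, params).fetchall()


if __name__ == "__main__":
    db = make_db()
    for login in ("friend@frobniz.com",          # normal virtual address
                  "friend%frobniz.com",          # Eudora-style POP3 login
                  "friend",                      # bare id, DEFAULT_DOMAIN applies
                  "friend%frobniz.com@fmp.com",  # second branch ignores the domain
                  "friend@nowhere.example"):     # no such account
        print(f"{login!r:32} -> {lookup(db, login)}")
```

Because `id` is a non-unique key (MUL) in the table above, it is worth confirming that each login form returns exactly one row before relying on the query for authentication.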





