D. Set up virtual users: So that mail users do not each need an actual account on the mail host, we'll use virtual users. Dovecot can use a variety of data sources for virtual users, including a simple list, a flat file, Redis, or a database such as SQLite or MySQL. Since I expect fewer than 20 users at most, a static list will be used for now.
1. Create vmail user:
doas useradd -c "Virtual Users Mail Account" -d /var/vmail -s /sbin/nologin -u 2000 -g =uid \
-L staff vmail
2. Create the necessary users, directories, and files:
doas touch /etc/mail/credentials
doas chmod 0440 /etc/mail/credentials
doas chown _smtpd:_dovecot /etc/mail/credentials
doas useradd -c "Virtual Mail Account" -d /var/vmail -s /sbin/nologin -u 2000 -g =uid -L staff vmail
(You will get "useradd: Warning: home directory `/var/vmail' doesn't exist, and -m was not specified." That's fine.)
doas mkdir /var/vmail
doas chown vmail:vmail /var/vmail
3. Populate the /etc/mail/credentials file. Each line in the file has a particular format:
john@example.com:$2b$10$_PSWD_STRING_C3JbO4Ns2jJNZQ:vmail:2000:2000:/var/vmail/example.com/john::userdb_mail=maildir:/var/vmail/example.com/john
or
username@domain.tld:<password>:vmail_uid:vmail_gid:<location of maildir>::<user_db specification>
4. You could write a simple script to generate the lines in /etc/mail/credentials:
#!/bin/sh
# vmail_credential_gen.sh 8/1/21 gb
# Run as root (for example via doas): both target files are mode 0440.
# Echo script id
echo "Credential generator for /etc/mail/credentials"
# Ask the user for their name
echo "What is the username? (Enter name and hit Return)"
read -r username
# Ask for the password
echo "What will be the password for $username@example.com? (Enter password and hit Return)"
read -r pswd
# Feed the password to smtpctl on stdin so it does not show up in the process list
hash=$(smtpctl encrypt <<EOF
$pswd
EOF
)
echo
echo "Password hash is $hash"
echo
# Echo the new entry for /etc/mail/credentials
echo "Review the following line for errors:"
echo
vmailuser="$username@example.com:$hash:vmail:2000:2000:/var/vmail/example.com/$username::userdb_mail=maildir:/var/vmail/example.com/$username"
echo "$vmailuser"
echo
echo "If correct, enter y to append to /etc/mail/credentials (y/n)"
read -r choice
if [ "${choice}" = "y" ] ; then
    echo "$vmailuser" >> /etc/mail/credentials
    echo "Appended to /etc/mail/credentials. Check file for accuracy."
else
    echo "Copy and paste manually, or re-run program if needed."
fi
echo "Append to /etc/mail/virtuals (y/n)"
read -r choice
if [ "${choice}" = "y" ] ; then
    # virtuals takes an "address: vmail" mapping (see step 5), not the credentials line
    echo "$username@example.com: vmail" >> /etc/mail/virtuals
    echo "Appended to /etc/mail/virtuals. Check file for accuracy."
else
    echo "Copy and paste manually, or re-run program if needed."
fi
echo "Done"
5. Create and populate the /etc/mail/virtuals file:
doas touch /etc/mail/virtuals
doas chmod 0440 /etc/mail/virtuals
doas chown _smtpd:_dovecot /etc/mail/virtuals
Edit the file to contain the list of users and their aliases:
abuse@example.com: john@example.com
hostmaster@example.com: john@example.com
postmaster@example.com: john@example.com
webmaster@example.com: john@example.com
john@example.com: vmail
jack@example.com: vmail
yvonne@example.com: vmail
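A lint check for /etc/mail/credentials, added here as an example (it is not part of the original post): it validates each line against the layout of the sample line in step 3 and rejects addresses that would place the maildir outside /var/vmail/<domain>/<user>. The function name check_credentials is hypothetical, and the check assumes every hash starts with $2b$ and every entry uses vmail:2000:2000, as in the sample line.

```sh
#!/bin/sh
# Added example (not from the original post): lint a credentials file against
# the layout of the sample line in step 3. Assumes bcrypt ($2b$) hashes and
# the vmail uid/gid of 2000 used on this page.
# Prints one message per problem; returns non-zero if any problem was found.
check_credentials() {
    awk -F: '
    function bad(msg) { printf "line %d: %s\n", NR, msg; errs++ }
    /^[ \t]*$/ { next }    # skip blank lines
    {
        if (NF != 9) { bad("expected 9 colon-separated fields, got " NF); next }
        # The address becomes part of a filesystem path, so allow only
        # characters that cannot leave /var/vmail/<domain>/<user>.
        if ($1 !~ /^[A-Za-z0-9][A-Za-z0-9._-]*@[A-Za-z0-9][A-Za-z0-9.-]*$/ ||
            $1 ~ /\.\./) {
            bad("unsafe or malformed address: " $1); next
        }
        if (seen[$1]++) bad("duplicate entry for " $1)
        if ($2 !~ /^\$2b\$[0-9][0-9]\$/) bad("password field is not a $2b$ bcrypt hash")
        if ($3 != "vmail" || $4 != "2000" || $5 != "2000")
            bad("expected vmail:2000:2000, got " $3 ":" $4 ":" $5)
        split($1, part, "@")
        want = "/var/vmail/" part[2] "/" part[1]
        if ($6 != want || $9 != want)
            bad("home and maildir must both be " want)
        if ($7 != "" || $8 != "userdb_mail=maildir")
            bad("fields 7-8 must be empty and userdb_mail=maildir")
    }
    END { exit (errs > 0) }
    ' "$1"
}

# Stand-alone use: doas sh lint_credentials.sh /etc/mail/credentials
if [ "$#" -gt 0 ]; then check_credentials "$1"; fi
```

Running it after each change to the file catches malformed lines before smtpd and Dovecot read them.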
Posted by Gordon, No Hair Github Pages, August 24, 2021
© nohair.net and the author
For comments, corrections, and addenda, email: gordon[AT]nohair.net