Jim Trigg <jtrigg@???> (Fr 23 Apr 2010 23:20:44 CEST):
> On Fri, Apr 23, 2010 at 10:29:36PM +0200, Heiko Schlittermann wrote:
> > Jim Trigg <jtrigg@???> (Fr 23 Apr 2010 18:04:08 CEST):
> > > Does anyone here use system groups to determine what domains are valid
> > > for a system user to receive mail through? I am hosting nine domains on
> > > a single system, and am looking for a simple way to allow a given user
> > > to receive email through a defined subset of the domains. (I'm not yet
> > > worrying about the consideration that I want to have one user name on
> > > half the domains and another on the other half...)
> >
> > Do I understand it the right way?
> >
> > # getent group
> > dom1:user1,user2
> > dom2:user1,user3
> >
> > user1@dom1 is valid, but user2@dom2 is not.
>
> Close. Since I actually have nine "base" domains with variants, it's
> # getent group
> dom1:user1,user2
> dom2:user1,user3
>
> valid: user1@???, user2@???, user1@???, user3@???
> invalid: user3@???, user2@???
>
> And the set of which base domains have which TLDs is not complete. I
> have all but one in .org; it and three others are in .net; and one is
> in .us.
Ok, just make sure that your „local_domains“ really contains the domains
that are local to you - if you do not want to name them all, you could
use the @mx_primary expansion.
local_domains = @mx_primary
begin router
dnslookup:
…
domains = ! +local_domains
DOMAINBASE = ${extract{1}{.}{$domain}}
systemgroup_domain:
driver = accept
check_local_user
local_parts = <, ${extract{4}{:}{${run{/usr/bin/getent group DOMBASE}}}}'
transport = local_transport
Best regards from Dresden/Germany
Viele Grüße aus Dresden
Heiko Schlittermann
--
SCHLITTERMANN.de ---------------------------- internet & unix support -
Heiko Schlittermann HS12-RIPE -----------------------------------------
gnupg encrypted messages are welcome - key ID: 48D0359B ---------------
gnupg fingerprint: 3061 CFBF 2D88 F034 E8D2 7E92 EE4E AC98 48D0 359B -