Subject: Re: Question about virtual Postfix patch
From: NetQuest Support (supportnetquest.net)
Date: Mon Feb 07 2000 - 03:46:57 CST


On Mon, 7 Feb 2000, Andrew McNamara wrote:

>
> That's okay - I don't have a problem with people sending me mail... 8-)
>
     :)
 
> > I still have all the virtual maps set up for the domain before I
> >started all this. Should I remove those?
>
> The virtual map entries probably aren't needed, but I don't think
> they're causing your problem. It looks to me like the "virtual" process
> hasn't been started.
>
> One thing I didn't mention in my previous posts (sorry) - you need to
> create an entry in master.cf for the new agent. It should look
> something like:
>
> virtual unix - n n - - virtual
>
> Also make sure there is a "virtual" binary in your libexec directory,
> and that it has appropriate permissions.
>
     I made the changes you suggested and everything is now working much
better. :) I removed the regular virtual domain map since it was being
processed before your patch and mail was ending up in the wrong place. I
appreciate the help.

     I do have one more problem I can't seem to figure out though. I
created a second user (so basically I now have user1fakedom.com and
user2fakedom.com) which breaks things. I tried setting the two users up
with different uid and gid but the entire path is owned by whichever of
these two users gets email first. After that all email is refused since
the LDA doesn't have permission to write.

     So now I have the following entries in main.cf:
        transport_maps = dbm:/etc/postfix/transport.map
        virtual_gid_maps = dbm:/etc/postfix/vgid
        virtual_mailbox_base = /tmp/vhosts
        virtual_mailbox_maps = dbm:/etc/postfix/vmailbox
        virtual_minimum_uid = 100
        virtual_uid_maps = dbm:/etc/postfix/vuid
        virtual_usedotlock = no

     The maps have:
        /etc/postfix/transport.map
                fakedom.com virtual:
        /etc/postfix/vmailbox
                user1fakedom.com /fakedom.com/user1/
                user2fakedom.com /fakedom.com/user2/
        /etc/postfix/vuid
                user1fakedom.com 5000
                user2fakedom.com 2500
        /etc/postfix/vgid
                user1fakedom.com 5000
                user2fakedom.com 5300

     Whenever the first message is sent it works okay (meaning the vhosts
directory is created in /var/mail and the fakedom.com directory appears
under that with the user's mail directory - ex.
/var/mail/vhosts/fakedom.com/user1). The problem is that the vhosts
directory and everything under it is set to that user (in the above
example the tree is read/write/execute for uid 5000 & gid 5000 and no
permissions for group or other). This keeps other users (and other domains
I'm going to assume since I haven't tried) from getting email unless I set
everything to the same uid & gid. This isn't a problem since all users at
a particular domain should have the same gid (and the same uid wouldn't be
a problem 99% of time), but I think each domain should have at least a
unique uid.

     Any ideas?

                                                        Thanks,

                                                        Mike
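
The failure described in this message (the shared vhosts tree ends up usable only by the first recipient's uid and gid) can be checked for before mail is refused. The following is an added example, not part of the original message or of the Postfix patch: it walks each mailbox path and reports the first directory the mapped uid/gid cannot use. The uid and gid values are the ones from the message; the @ in the sample addresses, the constructed directory tree and the function names are assumptions, and supplementary groups and root are ignored.

```python
import os
from collections import namedtuple

# Stand-in for os.stat_result so the check runs on constructed data.
Node = namedtuple("Node", "st_mode st_uid st_gid")

def allowed(node, uid, gid, want):
    """Owner bits if uid matches, else group bits, else other bits."""
    shift = 6 if uid == node.st_uid else 3 if gid == node.st_gid else 0
    return (node.st_mode >> shift) & want == want

def first_block(base, rel, uid, gid, stat_fn=os.stat):
    """Return the first directory uid/gid cannot use for delivery, else None."""
    path, existing = base.rstrip("/"), []
    for part in [""] + [p for p in rel.split("/") if p]:
        path = path + "/" + part if part else path
        try:
            existing.append((path, stat_fn(path)))
        except FileNotFoundError:
            break  # the delivery agent would have to create the rest
    for i, (path, node) in enumerate(existing):
        # x (1) to pass through; w+x (3) on the deepest existing directory,
        # where the mailbox or its missing parents must be written.
        want = 3 if i == len(existing) - 1 else 1
        if not allowed(node, uid, gid, want):
            return path
    return None

def audit(base, mailboxes, uids, gids, stat_fn=os.stat):
    return {a: first_block(base, rel, uids[a], gids[a], stat_fn)
            for a, rel in mailboxes.items()}

# Constructed sample: the tree as it looks after user1's first delivery.
BASE = "/var/mail/vhosts"
TREE = {BASE + p: Node(0o40700, 5000, 5000)
        for p in ("", "/fakedom.com", "/fakedom.com/user1")}
VMAILBOX = {"user1@fakedom.com": "/fakedom.com/user1/",
            "user2@fakedom.com": "/fakedom.com/user2/"}
VUID = {"user1@fakedom.com": 5000, "user2@fakedom.com": 2500}
VGID = {"user1@fakedom.com": 5000, "user2@fakedom.com": 5300}

def sample_stat(path):
    if path in TREE:
        return TREE[path]
    raise FileNotFoundError(path)

if __name__ == "__main__":
    for addr, blocked in audit(BASE, VMAILBOX, VUID, VGID, sample_stat).items():
        print(addr, "blocked at" if blocked else "ok", blocked or "")
```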