Your Linux Data Center Experts

Login Aliases for vPostMaster

Introduction

vPostMaster requires login names to be a full e-mail address, such as "alice@example.com". However, many users transitioning to vPostMaster are coming from other systems that allowed (or even required) login names to just be the short name like "alice".

This can easily be worked around if you have only one domain by setting up Dovecot to append a common domain name to unqualified login names. However, if different login names need to map into different domain names, you will have to use this recipe.

NOTE: This has nothing to do with e-mail aliases. If you set up a login alias for "sales" to go to "alice@example.com", unless you also set up an e-mail account through the vPostMaster web interface the address "sales@example.com" will not go anywhere.

Recipe

First you will need to set up a database table and a couple of PL/PgSQL functions. Run "su postgres -c 'psql -d vpostmaster'" and then paste in the following text:

CREATE LANGUAGE plpgsql;

CREATE TABLE loginaliases (
   id SERIAL,
   login TEXT NOT NULL,
   usersname TEXT NOT NULL,
   domainsname TEXT NOT NULL
         REFERENCES domains(name)
         ON DELETE CASCADE ON UPDATE CASCADE
   );

CREATE OR REPLACE FUNCTION loginaliaslookupuser(TEXT, TEXT) RETURNS TEXT AS '
DECLARE
   login ALIAS FOR $1;
   defaultvalue ALIAS FOR $2;
   usersname loginaliases.usersname%TYPE;
BEGIN
   SELECT loginaliases.usersname INTO usersname FROM loginaliases
         WHERE loginaliases.login = login;
   IF NOT FOUND THEN
      RETURN defaultvalue;
   END IF;
   RETURN usersname;
END;
' LANGUAGE plpgsql;

CREATE OR REPLACE FUNCTION loginaliaslookupdomain(TEXT, TEXT) RETURNS TEXT AS '
DECLARE
   login ALIAS FOR $1;
   defaultvalue ALIAS FOR $2;
   domainsname loginaliases.domainsname%TYPE;
BEGIN
   SELECT loginaliases.domainsname INTO domainsname FROM loginaliases
         WHERE loginaliases.login = login;
   IF NOT FOUND THEN
      RETURN defaultvalue;
   END IF;
   RETURN domainsname;
END;
' LANGUAGE plpgsql;

GRANT SELECT ON TABLE loginaliases TO imapserver;

Now you will need to populate the database with the mappings. While still in the Postgres command-prompt above, add database rows like:

INSERT INTO loginaliases ( login, usersname, domainsname )
   VALUES ( 'sales', 'alice', 'corp.example.com' );
INSERT INTO loginaliases ( login, usersname, domainsname )
   VALUES ( 'info', 'bob', 'users.example.net' );

This creates two login aliases, "sales" which logs in as "aliace@corp.example.com" and "info" which logs in as "bob@users.example.net".

Note that if you have Dovecot to use a default domain, you will have to make the alias logins be the full name in the aliased domain, and this will preclude you from having a user of the same name in the default domain.

Now, you will need to change the Dovecot configuration so that it uses the loginaliases table to look up user/domain information. Modify /etc/dovecot-pgsql.conf so that the queries become the following:

password_query = SELECT users.cryptedpasswd AS password FROM
   users WHERE users.name = loginaliaslookupuser('%u', '%n')
   AND users.domainsname = loginaliaslookupdomain('%u', '%d')
   AND users.active = 't' AND (SELECT active FROM domains
   WHERE name = loginaliaslookupdomain('%u', '%d')) = 't'
user_query = SELECT userdir AS home, 100 AS uid, 101 AS gid FROM users
   WHERE users.name = loginaliaslookupuser('%u', '%n') AND
   users.domainsname = loginaliaslookupdomain('%u', '%d') AND
   users.active = 't' AND (SELECT active FROM domains
   WHERE name = loginaliaslookupdomain('%u', '%d')) = 't'

Note that the above should just be two lines starting with "password_query = ..." and "user_query = ..." Dovecot will fail to start correctly if the statements span multiple lines as above.

Note too that the "100" and "101" in the above will need to be your actual local userid and groupid for vpostmaster, as found in /etc/passwd and /etc/group. In the following example the userid is the first line, and the groupid is the second line:

[root@vpostmaster ~]# awk -F: '$1 ~ /vpostmaster/ { print $3 }' /etc/passwd /etc/group
100
101
[root@vpostmaster ~]# 

Now restart dovecot and you should be in business. Test out the aliased logins as well as the non-aliased logins to verify.