Next: Databases, Previous: Greylisting, Up: Tutorial [Contents][Index]
In your filter script you may need to verify if the given
user name is served by your mail server, in other words, to verify if
it represents a local account. Notice that in this context, the word
local does not necessarily mean that the account is local for
the server running mailfromd, it simply means any account
whose mailbox is served by the mail servers using mailfromd.
The validuser function may be used for this purpose. It
takes one argument, the user name, and returns true if
this name corresponds to a local account. To verify this, the
function relies on libmuauth, a powerful authentication
library shipped with GNU mailutils. More precisely, it
invokes a list of authorization functions. Each function is
responsible for looking up the user name in a particular source of
information, such as system passwd database, an SQL database,
etc. The search is terminated when one of the functions finds
the name in question or the list is exhausted. In the former case, the
account is local, in the latter it is not. This concept is
discussed in detail in see Authorization and Authentication Principles in GNU Mailutils
Manual). Here we will give only some practical advices for
implementing it in mailfromd filters.
The actual list of available authorization modules depends on your
mailutils installation. Usually it includes, apart from
traditional UNIX passwd database, the functions for verifying
PAM, RADIUS and SQL database accounts.
Each of the authorization methods is configured using special
configuration file statements. For the description of the Mailutils
configuration files, See Mailutils Configuration File in GNU Mailutils Manual.
You can obtain the template for mailfromd configuration by
running mailfromd --config-help.
For example, the following mailfromd.conf file:
auth {
authorization pam:system;
}
pam {
service mailfromd;
}
sets up the authorization using PAM and system passwd database. The name of PAM service to use is ‘mailfromd’.
The function validuser is often used together with
dbmap, as in the example below:
#pragma dbprop /etc/mail/aliases.db null
if dbmap("/etc/mail/aliases.db", localpart($rcpt_addr))
and validuser(localpart($rcpt_addr))
…
fi
For more information about dbmap function, see dbmap.
For a description of dbprop pragma, see Database functions.
Next: Databases, Previous: Greylisting, Up: Tutorial [Contents][Index]