Home

| Home | Documentation | Mailinglist | Download | License |

qpsmtpd - Plugin check_user Documentation

Do not use... See discussion on qpsmtpd mailinglist


NAME

check_user - lookup existing recipients (users) in a database

go top


DESCRIPTION

Enable user-level validation of addresses so that qpsmtpd can readily bounce invalid messages at the smtp level.

It does this by looking up the recipient address resp. user and host part of the email address in a database.

The inspiration of this module comes from a mailer setup with qpsmtpd and exim, where exim is used to manage virtual accounts in a database as described on http://flakey.info/mailserver/ or http://www.xmn-berlin.de/~marte/exim/exim4.conf.php

go top


CONFIGURATION

/etc/qpsmtpd/plugins

In the main configuration file the line check_user must be placed before the line rcpt_ok, because it returns only DENY, DECLINED or DENYSOFT but never OK.

After changing the configuration in /etc/qpsmtpd/check_user, qpsmtpd must be restartet, because the connection to the database and the preparing of the SQL statements takes place on startup. The connection to the database server is hold open resp. uses auto reconnect (MySQL).

On errors in /etc/qpsmtpd/check_user, missing database connection etc. qpsmtpd won't start.

/etc/qpsmtpd/check_user

All following entries must be present:

driver=driver name
By now it's only tested with driver=mysql

database=database name
The name of your database, e.g. database=maildb

user=user name
User to log into database.

passwd=[password]
Database password - can be empty, depending on your database configuration (listening only on localhost etc.)

email_table=table name
The name of the table to look up the email address.

domain_table=table name
The name of the table to look up the domain part of the email address. It can be the same table as email_table but using another field.

email_address=field name
email_user=field name
email_domain=field name
These entries tell check_user which database fields to use for the lookup in the table email_table.

If the field email_address is given, email_user and email_domain are ignored and vice versa.

domain_domain=field name
This entry tells check_user which database field to use for the lookup in the table domain_table.

How the fields are used

An example should make this clear. Given recipient address: 'user@domain.de':

        email_address   lookup 'user@domain.de' in email_table  1)
resp.
        email_user      lookup 'user'           in email_table  2)
        email_domain    lookup 'domain.de'      in email_table  2)
and
        domain_domain   lookup 'domain.de'      in domain_table
                1) ignored, if email_user and email_domain defined in config
                2) ignored, if email_address defined in config

The resulting SQL queries are:

        SELECT count(*) AS `success` FROM `$email_table`
                WHERE `$email_address`='user@domain.de';
resp.
        SELECT count(*) AS `success` FROM `$email_table`
                WHERE `$email_user`='user' AND `$email_domain`='domain.de';
and
        SELECT count(*) AS `success` FROM `$domain_table` WHERE `$domain_domain`='domain.de';

go top


RESULT VALUES

The result values are the same as for qpsmtpd plugins:

DENYSOFT
reject temporarily the message with a "4xx Internal error - try later" response.

This will happen on errors, e.g.: The database server went down after start of qpsmtpd.

DENY
reject the message with a "5xx Address '...@...' doesn't exist on this server" response.

The message will be denied, if the domain is one of ours, but the user can't be found.

DECLINED
no decision whether the message should be accepted or rejected.

Following lines could be found in the log using debug logging:

 Local address '...@...'   if the email address belongs to a virtual user of our domain(s)
 Foreign address '...@...' if the email address is not in our domain(s)

The message will be passed on to the next plugin, e.g. rcpt_to, which will decide whether relaying is allowed or not.

go top


LIMITATIONS

This module is only tested with mysql for DBI. Feel free to try other drivers - please tell me about your experience.

go top


REQUIREMENTS

check_user requires the Perl modules Data::Dumper, DBI and the choosen driver.

go top


BUGS

None known yet (however, see limitations above).

go top


CREDITS

Thanks to Ask Bjoern Hansen for qpsmtpd.

go top


COPYRIGHT

(c) Ernesto 2007, ernest@dienstleistung-kultur.de

go top


VERSION

Last updated 27 August 2007.

go top


LICENCE

As per the qpsmtpd license.

go top


This is a service of dienstleistung-kultur.de            Mailsystem QPSMTPD            Comments to Ernesto at ernesto@dienstleistung-kultur.de            Impressum