Catch-All address

[yunohost-bot]

Original Redmine Issue: 557

Author Name: uda

---

Need:

• Accept all emails sent to any *@example.org, that has no mailbox or alias, to username@example.com

Expected:

• Add a regular or special alias to the user @example.org (no username part); or
• Define a maildrop user username for the domain

In the background, either of the mentioned methods should add a mail attribute @example.org to the target user's entry, or create a separate mailAccount entry under an aliases organizationalUnit

Actual result:

Each alias must be predefined

Workaround / Manual configuration:

I did the following:

• Added an organizationalUnit named aliases.
• Added mailAccount entries per alias domain.
  • mail is in the @example.org format
  • dropmail is the username catching all emails for the domain
• postfix searches first for specific@example.org and then for @example.org, so specific aliases still work

[yunohost-bot]

Properties Change

Author: julienmalik

[yunohost-bot]

Original Redmine Comment

Author: julienmalik

---

@uda, I'm curious about the details of your workaround.

I have a POC implementation for alias support in the yunohost cli : https://github.com/YunoHost/yunohost/pull/176 I experienced that you can't add entries with only "mailAccount" objectclass, and that entries should also implement a "structural" ldap objectclass (for user accounts, this is inetOrgPerson).

Can you please give more details about the exact step you followed in your workaround (command-line or python code welcome) ?

[yunohost-bot]

Properties Change

Author: julienmalik

[yunohost-bot]

Original Redmine Comment

Author: Anonymous

---

The POC looks great, the mailAccount being auxiliary is an issue, so I used the inetOrgPerson.

I manage the LDAP manually using the Apache Directory Studio, so no command-lines were used or abused during this experiment...

My entries look like this:

• DN: uid=example.org,dc=aliases,dc=yunohost,dc=org
• objectClass: mailAccount
• objectClass: inetOrgPerson
• cn: catchall@example.org
• sn: catchall@example.org
• mail: @example.org
• maildrop: username
• uid: example.org

As you can see, because I used the existing solutions for a new, duplication of info is unavoidable, but as you suggested, creating a structure objectClass while still using the mailAccount is much cleaner.

[yunohost-bot]

Original Redmine Comment

Author: uda

---

Just a fix, the DN is uid=example.org,**ou**=aliases,dc=yunohost,dc=org

[yunohost-bot]

Original Redmine Comment

Author: Gwendal

---

Hello! I was wondering if a feature was ever considered to offer a systematic and automatic "catch-all" pattern for each user? (although I am not sure to use the right words for what I mean)

Example: Provide to each users an infinite amount of aliases in the form user1+<anything>@domain.tld, user2+<anything>@domain.tld, etc.

This would allow user1 to receive emails on the address user1+toto@domain.tld, and allow him to communicate as many aliases as he needs (eg. to subscribe to websites) without adding them first in the interface.

However, this would require the possibility for each user to disable such feature, and/or to be able to blacklist aliases.

[yunohost-bot]

Original Redmine Comment

Author: alexAubin

---

Yeah I'd like to see that too ... But I have no idea how to configure postfix / the whole mail thing for it to work :/

[yunohost-bot]

Original Redmine Comment

Author: uda

---

1. The plus sign isn't aliasing, in postfix it's called recipient_delimiter, it is simply a way to add a "comment" in the email address, and it can be other special characters supported (some MTAs use the minus [-] character). adding support in yunohost shouldn't be difficult, simply modify the template.
2. You can't, AFAIK, enable or disable this within postfix, it is a global setting. how ever, this can be achieved by filter rules, whether in the user level or middleware.

[yunohost-bot]

Original Redmine Comment

Author: ljf

---

On my yunohost I can already use the recipient_delimiter - "+" alias notation - since yunohost 2.0...

[yunohost-bot]

Original Redmine Comment

Author: ljf

---

About the "domain" catch all address, I think it shouldn't be activated by default. And we should warrant correctly about this kind of feature.

Example: If you define your email address as the default catch all address for the domain, and you offer a mail to your sister, if someone who wants write to her do a mistake, you receive a mail that was not for you ! It could be quite embarrassing (for example if you learn she is pregnant by this way) !

[yunohost-bot]

Original Redmine Comment

Author: opi

---

There is already a PR about mail aliases, that could be extented to manage a catch-all address https://github.com/YunoHost/yunohost/pull/176

( personnal reminder: also I remember that my friend Capslock hack his yunohost configuration to implements catch-all )

[yunohost-bot]

Original Redmine Comment

Author: tw

---

@UDA - maybe you can support me a bit here. I am currently trying to figure out the LDAP commands to set this up.

To query the ldap:

ldapsearch -x -h localhost -b "dc=yunohost,dc=org"

Writing the commands mentioned above to a catchall.txt

#catchall for XYZ.nohost.me
DN: uid=XYZ.nohost.me,ou=alias,dc=yunohost,dc=org
objectClass: mailAccount
objectClass: inetOrgPerson
cn: catchall@XYZ.nohost.me
sn: catchall@XYZ.nohost.me
mail: @XYZ.nohost.me
maildrop: someUserName
uid: XYZ.nohost.me

Executing

ldapadd -x -D "cn=admin,dc=yunohost,dc=org" -W -f catchall.txt

returns

adding new entry "uid=XYZ.nohost.me,ou=aliases,dc=yunohost,dc=org"
ldap_add: No such object (32)
    matched DN: dc=yunohost,dc=org

I guess there the OU aliases need to be set up.

[yunohost-bot]

Original Redmine Comment

Author: tw

---

Below the working command line to add a catch all. I hope you guys can integrate this into the webgui somehow.

first create a text file catchall.txt with content below. Replace xyz.nohost.me with your domain

#setting up ou for aliases
dn: ou=aliases,dc=yunohost,dc=org
objectClass: organizationalUnit
objectClass: top
ou: aliases

#catchall for xyz.nohost.me
DN: uid=xyz.nohost.me,ou=aliases,dc=yunohost,dc=org
objectClass: mailAccount
objectClass: inetOrgPerson
cn: catchall@xyz.nohost.me
sn: catchall@xyz.nohost.me
mail: @xyz.nohost.me
maildrop: dropmail
uid: xyz.nohost.me

then execute via shell

ldapadd -x -D "cn=admin,dc=yunohost,dc=org" -W -f catchall.txt

add the dropmail alias to the account which shall receive all mails.

[SilverViper]

For anyone relying on this to have catchall on their system and upgraded their systems to Yunohost 3.7 with the new permission system and realizing their catchall does no longer work, here is a quick and dirty fix:

change in /etc/postfix/ldap-aliases.cf, from: query_filter = (&(objectClass=mailAccount)(mail=%s) (permission=cn=mail.main,ou=permission,dc=yunohost,dc=org))

into: query_filter = (&(objectClass=mailAccount)(mail=%s))

and reload postfix (sudo yunohost service reload postfix).

Not entirely sure why there is a filter on the permissions for aliases as there is also one for accounts? You probably will not create aliases for users you do not want to have email? And would the filter on ldap accounts block the email anyway?

[utzer]

@SilverViper is this still needed or was there some fix for /etc/postfix/ldap-aliases.cf?

Generally I wonder why it is not possible to set an email alias @example.com? After all postfix seems to treat the catch all "@example.com" as any other email address in the form of user@example.com, so it can be handed to a user (distributed).

Yes, there is not so much need to have catch all addresses in general, but in some cases it is handy, for example during the early migration phase to make sure you didn't miss any aliases you had before. Or if previous the setup had "-" as delimiter and now it is "+" for yunohost. In the delimiter case you must then break the automatic upgrades for the postfix config by either defining two delimiters (which postfix can handle, but dovecot might break with) or you can put all the aliases in some separate alias file for postfix and put the @example.com in it to be delivered to $user. Somehow this feels like something that could easily be solved upstream instead of by many users individually.

[SilverViper]

I still need to update the file whenever a forced regen conf is run.

[KamilBaczkowski]

Just dropping a comment that the above-mentioned steps do indeed work. Creating the LDAP entries as described in this comment works. One note on something that gave me some grief - the dropmail has to be in the main domain of YunoHost. I have YH on a subdomain (like yuno.example.com) and tried configuring email for example.com. I initially thought that my dropmail should be on @example.com domain, but then it turned out it should've been on @yuno.example.com

[uda]

This is weird, to my best knowledge the search works based on the domain of the current recipient's email address, so creating a drop mail for a specific domain should work just the same as the installation domain

[stoutouloutou]

Hello, I recently regen my conf, and I cannot make it work again : I got this error running the command:

ldapadd -D "cn=admin,dc=yunohost,dc=org" -W -f catchall.txt
Enter LDAP Password: ldap_bind: Invalid credentials (49)

Any ideas ? thanks

[alexAubin]

@stoutouloutou : this is not the right place to ask support questions

[stoutouloutou]

@alexAubin : sorry for posting in the wrong place. Should I create another issue called "catch-all address" asking wether this solution still works on on updated yunohost server ? Thanks !