13 thoughts on - User Names

• Wouldn’t you be better off using the alias directive in your mailer program? I think all of the mainstream mailers (sendmail, postfix, what-have-you) support aliasing in some form.

• HI Frank – Like that signature of yours…

  The problem is the client program trying to talk to the linux server

  is base64 encoding the entire email address for the AUTH LOGIN,

  not just the “username”. so my user name needs to include the “@” symbol.

  They have an edit on their side that does not allow entry without the @
  sign.

• useradd is just a program that manipulates the underlying files – so if you really want to create a user with that name, then manually edit
  /etc/passwd and /etc/shadow. However, at the risk of telling you things you already know, the ‘@’ is definitely not a standard character in Unix usernames and it may, or may not, cause problems elsewhere.
  (TBH, the only character which will almost certainly break things is
  ‘/’!)

  P.

• I am looking for a way for sendmail to ALLOW auth by IP and not user name
  (its a closed network) or even SKIP invalid auth ?
  Is that even possible ?

  Jerry

• Note that it’s not talking to “the linux server” but to a specific program on the server.I’m guessing Postfix. (But maybe Sendmail, depending on how old your server is.) So the question is whether Postfix or Sendmail have this ability to translate an incoming username. They may be able to do this through virtual user support. Which SMTP program are you using (name and version)? I’d suggest asking on their mailing list.

• As far as I remember UNIX username can not contain special symbols.

  Valeri

• @ is not an allowed character in most Unix logins

  Allowed characters:
  ‘a’…’z’
  ‘A’…’Z’
  ‘0’…’9′
  ‘.’
  ‘-‘
  ‘_’

  $ is allowed as the last character but @ is not. To allow it you would need to patch everything from glibc, shadow-utils, pam, systemd and email.

  @ is reserved as the identifier in an email address and many utilities will break if you have 2 @ in them.. aka user foo@foobar.net@foobar.net is going to cause all kinds of issues. and a user foo@foobar.net is going to find that many utilities strip @foobar.net and try to use the user foo.

• Am 01.06.2020 um 19:44 schrieb Jerry Geis:

  It is possible to configure Sendmail to relay based on client connection. The doc will tell you how.

  https://www.sendmail.org/~ca/email/doc8.12/cf/m4/anti_spam.html#access_db

  If your Sendmail setup demands AUTH, then it will not skip in case of false credentials.

  Whatever backend you configure cyrus-sasl to use for validating the SMTP
  AUTH credentials, it is possible to use other values than a user name.

  Alexander

• I’m no sasl expert but it looks like one could store the weird username in /etc/sasldb:

  https://www.cyrusimap.org/sasl/sasl/sysadmin.html

  One could also hack up an extra PAM module for use by saslauthd.

• I came across /etc/mail/virtusertable. I am using fresh install of CentOS
  7. I added my silly user as:
  silly@my.com silly

  did the make and service sendmail restart. But its still not working. Getting rejects as not valid just like before. I
  presume this would use the PW for “silly” user.

  Thought I was onto something there.

  Jerry

• That’s not used for authentication. That’s used for routing received mail.  For authentication, you need to mess with cyrus-sasl.

• Ok I read through this, played on my machine with it – It looks very promising. Will try on the end machine tomorrow. Thanks Kenneth!

  Jerry

• That’s a common requirement for servers that implement multi-domain hosting.  In Courier MTA, you can host virtual users in a “userdb” file or SQL DB (or LDAP):

  https://www.courier-mta.org/FAQ.html#virtual

  Postfix supports similar setup:

  https://www.howtoforge.com/virtual-users-and-domains-with-postfix-courier-mysql-and-squirrelmail-debian-wheezy

  Whether those are options may depend on how invested you are in sendmail.  If you’re not a sendmail expert, you’re probably better off using a different mail server.