On Tue, May 25, 2010 at 15:59, Wietse Venema <wie...@porcupine.org> wrote:
> You need one table entry per user somewhere, otherwise you can't
> reject mail for users that don't exist.

Absolutely, of course. But having one entry for every pairing of user AND hostname isn't possible (because an infinite number of hostparts could be used). One entry for every pairing of user and domain-part-of-hostname could be done. The wildcarding for example.com (so anyhostpart.example.com acts as example.com) would be separate from wildcarding of other domains such as example.net (where someotherhostpart.example.net acts as example.net). The username space for example.com is independent of the username space for example.net (and hence the complexity).

I'm thinking I need to do a tcp:table that talks to my own daemon to sort this out. That daemon would get u...@hostpart.domain.tld, split it to 3 parts: user, hostpart, and domain.tld, verify that user is valid for domain.tld, reject (500?) if not valid, and answer with u...@domain.tld (200) if it is valid (and if the domain is one of those for which wildcarding is enabled) ... with variations for the other cases (e.g. no hostpart, domains not wildcarded, or whatever else).

The tcp:table protocol looks very simple. A small multiplexing daemon should be sufficient. It should be secure enough if bound to localhost on a low port number ... tcp:127.0.0.1:789
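
A sketch of the lookup daemon described in the message above, as an added example (not code from the poster or from Postfix). It follows the `get key` request and `200`/`400`/`500` reply lines with `%XX` encoding from tcp_table(5); `USERS`, `WILDCARD`, `MAX_LINE` and the function names are constructed for illustration.

```python
import socketserver
from urllib.parse import quote, unquote

# Constructed sample data: per-domain user sets and wildcard-enabled domains.
USERS = {"example.com": {"alice", "bob"}, "example.net": {"carol"}}
WILDCARD = {"example.com"}
MAX_LINE = 4096  # assumed request size cap, chosen for this sketch

def split_address(addr):
    """Return (user, hostpart, domain), or None if no served domain matches."""
    user, _, host = addr.rpartition("@")
    if not user or not host:
        return None
    host = host.lower().rstrip(".")
    for domain in USERS:
        if host == domain:
            return user, "", domain
        if host.endswith("." + domain):  # label boundary, so notexample.com fails
            return user, host[: -len(domain) - 1], domain
    return None

def reply(line):
    """Map one tcp_table request line to one reply line (without newline)."""
    if len(line) > MAX_LINE:
        return "400 request too long"
    verb, _, arg = line.strip().partition(" ")
    if verb != "get" or not arg:
        return "400 unsupported request"
    key = unquote(arg)  # undo the %XX encoding of the key
    parts = split_address(key)
    if parts is None or any(ord(c) < 33 or ord(c) == 127 for c in key):
        return "500 not found"  # unknown domain, or whitespace/control chars
    user, hostpart, domain = parts
    if hostpart and domain not in WILDCARD:
        return "500 not found"  # hostparts are not folded for this domain
    if user not in USERS[domain]:
        return "500 not found"  # user spaces are independent per domain
    return "200 " + quote(f"{user}@{domain}", safe="@+")

class Handler(socketserver.StreamRequestHandler):
    def handle(self):
        while raw := self.rfile.readline(MAX_LINE + 1):  # bounded read
            out = reply(raw.decode("latin-1"))
            self.wfile.write((out + "\n").encode("latin-1"))
            if len(raw) > MAX_LINE:
                return  # oversized line: answer 400, then drop the connection

if __name__ == "__main__":
    # Loopback only, port from the message; binding below 1024 needs privilege.
    socketserver.ThreadingTCPServer(("127.0.0.1", 789), Handler).serve_forever()
```

In tcp_table(5) a `500` reply only means the key was not found; whether mail is rejected depends on which Postfix map parameter consults the table. The same manual page notes that neither the connection nor the server is authenticated.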