The user type is used to
look up passwd(5) information using the method
defined by the MailboxDatabase option (MailboxDatabase). A password entry typically looks like this:
ftp:*:1092:255:File Transfer Protocol Program:/u/ftp:/bin/sh
Here, there are seven fields, each separated from the others by colon
characters. The key is always compared to the first field. The value
returned is (by default) the first field unless you specify another
field with a -v switch:
Kname user -vfield
Here, field can be either a number 1 through 7,
or one of the names name,
passwd, uid,
gid, gecos,
dir, or shell, which correspond
to the numbers. For example, to look up usernames and get the full
name (GECOS) field returned, you could use something such as this:
Kgetgecos user -vgecos
...
R$- $: $( getgecos $1 $)
Note that this returns the full GECOS field in its rawest form. It is
not cleaned up to provide a reliable full name, as is the
$x macro ($x).
The user database-map type can be used in
conjunction with the Local_check_rcpt rule set
(Section 7.1.3). In the following, for example, we
check to see whether a recipient is a local user and, if so, reject
the user if that user's home directory is
/home/retired/tars:
Kislocal user -vdir
SLocal_check_rcpt
R$* $: $>canonify $1 focus on host
R$* <@ $+ > $* $: $1 discard host
R$+ $: $1 $(islocal $1 $)
R$- /home/retired/tars $#error $@ 5.1.3 $: 553 Sorry, $1 is retired, no forwarding
Here, we focus on the host part with the canonify
rule set 3, then discard all but the user part in the second rule.
The third rule performs the lookup. If the user is not found, that
username is returned unchanged. If, on the other hand, the user is
found, that user's name and home directory are
placed into the workspace. The last rule rejects any SMTP RCPT
command that contains a local-user part whose home directory is
/home/retired/tars.
Only a few database switches are useful with this
user type. All are listed in Table 23-28.
Table 23-28. The user database-map type K command switches
|
-a
|
-a
|
Append tag on successful match
|
|
-D
|
-D
|
Don't use this database map if DeliveryMode=defer
|
|
-m
|
-m
|
Suppress replacement on match
|
|
-q
|
-q
|
Don't strip quotes from key
|
|
-S
|
-S
|
Space replacement character
|
|
-T
|
-T
|
Suffix to append on temporary failure
|
|
-t
|
-t
|
Ignore temporary errors
|
|
-v
|
-v
|
Specify the column to return
|
This user database-map type can be watched with
the -d38.20 debugging command-line switch (-d38.20).
