# hcoop-change: use file_transport = address_file for /etc/aliases
# delivery, as per old configuration
SYSTEM_ALIASES_FILE_TRANSPORT = address_file
+
+# hcoop-change: deliver mail to AFS
+MAILDIR_HOME_MAILDIR_LOCATION = /afs/hcoop.net/common/email/$local_part
# forwarding generates a direct delivery to a directory, or a file, or to a
# pipe, or sets up an auto-reply, respectively.
#
+# hcoop-change: acquire AFS token for the user
userforward:
debug_print = "R: userforward for $local_part@$domain"
driver = redirect
check_local_user
file = $home/.forward
require_files = $local_part:$home/.forward
+ condition = ${run{/usr/bin/pagsh.openafs -c /etc/exim4/get-token ${local_part}}{1}{0}}
no_verify
no_expn
check_ancestor
+# hcoop-change: acquire AFS token for the user
procmail:
debug_print = "R: procmail for $local_part@$domain"
${if exists{/etc/procmailrc}\
{/etc/procmailrc}{${home}/.procmailrc}}:\
+/usr/bin/procmail
+ condition = ${run{/usr/bin/pagsh.openafs -c /etc/exim4/get-token ${local_part}}{1}{0}}
no_verify
no_expn
# This router matches local user mailboxes. If the router fails, the error
# message is "Unknown user".
+# hcoop-change: acquire AFS token for the user
+
local_user:
debug_print = "R: local_user for $local_part@$domain"
driver = accept
domains = +local_domains
check_local_user
local_parts = ! root
+ condition = ${run{/usr/bin/pagsh.openafs -c /etc/exim4/get-token ${local_part}}{1}{0}}
transport = LOCAL_DELIVERY
cannot_route_message = Unknown user
--- /dev/null
+# Get an AFS token for the given user.
+#
+# This is used to deliver mail with the appropriate credentials.
+
+KRB5CCNAME=FILE:/tmp/krb5cc_$1.email
+
+kinit -kt /etc/keytabs/$1.email.keytab
+aklog
dc_relay_nets=''
dc_smarthost=''
CFILEMODE='644'
-dc_use_split_config='false'
+dc_use_split_config='true'
dc_hide_mailname=''
dc_mailname_in_oh='true'
dc_localdelivery='maildir_home'