userdb: Add support for receive-only users

Some use cases, like receive-only MTAs, need domain users for receiving emails, but have no real need for passwords since they will never use submission. Today, that is not supported, and those use-cases require the administrator to come up with a password unnecessarily, adding complexity and possibly risk. This patch implements "receive-only users", which don't have a valid password, thus exist for the purposes of delivering mail, but always fail authentication. See https://github.com/albertito/chasquid/issues/44 for more details and rationale. Thanks to xavierg who suggested this feature on IRC.
2026-01-07 17:47:14 +00:00 · 2023-12-03 00:12:46 +00:00
parent dbff2f0455
commit 83ae4c3478
9 changed files with 213 additions and 47 deletions
--- a/docs/man/chasquid-util.1.md
+++ b/docs/man/chasquid-util.1.md
@@ -4,7 +4,7 @@ chasquid-util - chasquid management tool

 # SYNOPSIS

-**chasquid-util** \[_options_\] user-add _user@domain_ \[--password=_password_\]
+**chasquid-util** \[_options_\] user-add _user@domain_ \[--password=_password_\] \[--receive\_only\]

 **chasquid-util** \[_options_\] user-remove _user@domain_

@@ -24,10 +24,13 @@ chasquid-util is a command-line utility for [chasquid(1)](chasquid.1.md) operati

 # OPTIONS

- **user-add** _user@domain_ \[--password=_password_\]
+- **user-add** _user@domain_ \[--password=_password_\] \[--receive\_only\]

    Add a new user to the domain.

+    If _--receive\_only_ is given, then the user will never successfully
+    authenticate. This is useful when creating receive-only users.
+
 - **user-remove** _user@domain_

    Remove the user from the domain.