From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from lists.gentoo.org ([140.105.134.102] helo=robin.gentoo.org) by nuthatch.gentoo.org with esmtp (Exim 4.43) id 1E3EIF-00047i-MF for garchives@archives.gentoo.org; Thu, 11 Aug 2005 14:44:28 +0000 Received: from robin.gentoo.org (localhost [127.0.0.1]) by robin.gentoo.org (8.13.4/8.13.4) with SMTP id j7BEeqH7029761; Thu, 11 Aug 2005 14:40:52 GMT Received: from popmail.jettissystems.com (popmail.jettissystems.com [38.118.146.212]) by robin.gentoo.org (8.13.4/8.13.4) with ESMTP id j7BEepRJ021830 for ; Thu, 11 Aug 2005 14:40:51 GMT Received: from [10.20.16.102] (unknown [10.20.16.102]) by popmail.jettissystems.com (Postfix) with ESMTP id 828DC56D481 for ; Thu, 11 Aug 2005 07:41:41 -0700 (PDT) Message-ID: <42FB63A5.8040600@badapple.net> Date: Thu, 11 Aug 2005 09:41:41 -0500 From: kashani User-Agent: Mozilla Thunderbird 1.0.6 (Windows/20050716) X-Accept-Language: en-us, en Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-server@gentoo.org Reply-to: gentoo-server@lists.gentoo.org MIME-Version: 1.0 To: gentoo-server@lists.gentoo.org Subject: Re: [gentoo-server] Comments on IMAP Server (cyrus/courier/dovecot) References: <1123731973.5878.30.camel@neuromancer.home.net> <42FAD180.3030902@buanzo.com.ar> <1123735176.5878.36.camel@neuromancer.home.net> In-Reply-To: <1123735176.5878.36.camel@neuromancer.home.net> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Archives-Salt: 27e35839-095a-4b4b-a44d-ae07f685dde8 X-Archives-Hash: e7b19e882a264eaae18d412ca86e6ad6 Ow Mun Heng wrote: > Just wondering, can I say, have a virtual domain user user1@localdomain > (where localdomain is really local but just hosted as a virtual domain) > which can have SSH/FTP access using the same password to access their > email? My understanding is the are two major ways to solve this. 1. pam + db for all accounts including local accounts Some db magic with pam or whatever local auth you do. This way the user still has some sort of central auth and doesn't end up with 2 different passwords and so forth. All accounts are virtual, but users designated as local also get shell, ftp, etc. 2. One localdomain and all others are truly virtual. set localdomain.com as local in your virtual config and everything else to virtual. The pop/imap/smtp daemons should auth locally and it pretty much just works in my experience. The caveat is that it is only feasible to have one domain as local and it's generally an all local or all virtual sort of thing. Mixing and matching local and virtual users within the same domain can be painful and hard to manage. I did #2 since it's easy and I like sleep. I use Postfix, Courier, and frontend it with PostfixAdmin. PostfixAdmin is great as it allows you to create domain admins that can managed the domains you assign them. I also changed from Squirrel to Horde IMP on this latest iteration and the users seem to like that better especially the HTML mail support. I highly recommend greylisting. It stops so much spam on its own which means your content filtering doesn't have to be so gung-ho which has had the effect of decreasing overall false positives. And I'm using much less CPU. Depending on which MTA you pick and where your database is you'll want to look into mysql:proxy statements in your config. That'll enable your MTA to multiplex queries over the same TCP connection which will decrease load on your db. This isn't so much of an issue if your db is local. kashani -- gentoo-server@gentoo.org mailing list