Mark, Assuming you support SSL/TLS, how do you get around matching a server certificate CN to each of your per-user DNS entries? Do you use wildcard certificates?
Todd -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mark Crispin Sent: Thursday, July 08, 2004 2:16 PM To: Brad Arlt Cc: [EMAIL PROTECTED] Subject: Re: Perdition IMAP Proxy On Thu, 8 Jul 2004, Brad Arlt wrote: > Perdition is meant to allow you to have "one" imap server, as far as > your users are concerned, and as many real IMAP servers as needed. > Perdition chooses the correct server for each user, and proxies the > connection to it for the user. This can also be handled using > LOGIN-REFERRALS but sadly not all mail clients support this. That seems to be a lot of ongoing (and permanent) work and resources just to avoid a simple one-time user configuration. You can simply have a special DNS zone in which each user is registered and points to the correct IMAP server, and dispense with proxies. mrc.deskmail.washington.edu always points to mrc's IMAP server, even though the machine changes over time. The experience at UW has shown that this is not particularly difficult to explain even to novice users. -- Mark -- http://staff.washington.edu/mrc Science does not emerge from voting, party politics, or public debate. Si vis pacem, para bellum.
