Ow Mun Heng wrote:
Just wondering, can I say, have a virtual domain user [EMAIL PROTECTED]
(where localdomain is really local but just hosted as a virtual domain)
which can have SSH/FTP access using the same password to access their
email?
My understanding is the are two major ways to solve this.
1. pam + db for all accounts including local accounts
Some db magic with pam or whatever local auth you do. This way the user
still has some sort of central auth and doesn't end up with 2 different
passwords and so forth. All accounts are virtual, but users designated
as local also get shell, ftp, etc.
2. One localdomain and all others are truly virtual.
set localdomain.com as local in your virtual config and everything else
to virtual. The pop/imap/smtp daemons should auth locally and it pretty
much just works in my experience. The caveat is that it is only feasible
to have one domain as local and it's generally an all local or all
virtual sort of thing. Mixing and matching local and virtual users
within the same domain can be painful and hard to manage.
I did #2 since it's easy and I like sleep. I use Postfix, Courier, and
frontend it with PostfixAdmin. PostfixAdmin is great as it allows you to
create domain admins that can managed the domains you assign them. I
also changed from Squirrel to Horde IMP on this latest iteration and the
users seem to like that better especially the HTML mail support.
I highly recommend greylisting. It stops so much spam on its own which
means your content filtering doesn't have to be so gung-ho which has had
the effect of decreasing overall false positives. And I'm using much
less CPU.
Depending on which MTA you pick and where your database is you'll want
to look into mysql:proxy statements in your config. That'll enable your
MTA to multiplex queries over the same TCP connection which will
decrease load on your db. This isn't so much of an issue if your db is
local.
kashani
--
[email protected] mailing list
