Paul Oehler wrote:

The daemon MUST require all connections to be authenticated, preferably
against the vpopmail user base.

user rwidmer                                      ok
password mypassword                               ok

This is only slightly related to Rick's comments (which I think are very
good by the way), but when he says "against the vpopmail user base" exactly
what user base is he referring to?  In his example, where is the "rwidmer"
user information stored?  Is this something related to how qmailadmin (which
I know the least about re: vpopmail) does authentication?

By 'against the vpopmail user base', I mean the mail users in vpopmail. There should also be a group of users that don't get email, but have rights to every domain on the system. This could be accomplished by having a 'domain' that is not legal, like 'system.admins'. I am pretty sure vpopmail will allow you to create such a domain, but DNS won't allow it to receive mail. A proper system admin login would look like this:

password mypassword

Any user within vopomail should be able to login and do actions appropriate to assigned capabilities. Other than the system.admins domain the rules are already built into vpopmail. If you are a member of the system.admins domain, you have the right to create and delete domains, and full access to manage any domain on the system.

It might be good to create system.admins domain and
[EMAIL PROTECTED] user when the vpopmail daemon is installed.
This user would be similar to root in the operating system.  You could
then use the daemon to create the rest of your mail system.


Reply via email to