Hi all, [Patrick wrote:] >> I have the same setup like you have (unixhierarchysep: yes, >> DOMAIN_AS_PREFIX=1) and my user also looks like you described with >> the "." in pace of the "@" but the server is running well, without >> any problems.
>> The users will then have to login with "user.domain.tld" as username. >> Thats the only thing i had to make them clear. >> Therefore i don't knwo if it is a bug or if ist is impleneted that way >> because authentivcation would make problems with with the @. Probably >> the @ is a reserved character in sasl or mysql or whatever. Did some more research on this and have some more interesting findinds to share. If you substitute the '@' (at-sign) with a '.' (dot) what you do IIUC is you don't do any virtual domain hosting at all. This is not as clean an approach as proper virtual hosting will give you. For example, you will not be able to have "per domain" admins on an IMAP level. But having this is crucial in any serious shared services environment. If you are an ISP for example, you don't want customer A to be able to login to the IMAP server and see the names of all mailboxes of all customers that share the mail server, do you? Please have a look at the original documentation: http://asg.web.cmu.edu/cyrus/download/imapd/install-virtdomains.html @Patrick: Are you running with "virtdomains: yes" in "imapd.conf"? Even if you do, if you just don't use the '@' (at-sign) in any names, all your mailboxes will end up in the default domain no matter in which "virtual" domain you intended to have them in. It migt be though that until some time ago you did not have a lot of choice actually. I remember I spent quite some time with this when I was setting up our system. You need to make sure you keep two concepts in sync: Virtual Domain hosting in Cyrus IMAPd and the concept of realms in SASL. And SASL documentation is quite poor or at least it's hard to find the right piece to read unless you followed the development of *IX operating systems since the early 70ies. (My personal opinion, not worth discussing.) The "virtdomain: yes" stuff hasn't been there forever in Cyrus IMAPd though. I am not sure when it was implemented but I remember when I had set up our system about 2 years ago I had to go to a at that time beta release to get it. So prior to the virtual domain support that we have today in Cyrus IMAPd, the approach that Patrick described and that web-cyradm seems to support was probably the only chance you had. Though this is sort of off topic, some words on SASL as well: As mentioned several times already: The '@' (at-sign) *is* a special character to SASL. It separates the user name from the so-called realm in SASL. At least this is what you can find the in recent Cyrus SASL implementations. Interesting enough, the RFC 2222 which describes SASL does not explicitely talk about this. For many systems the rule is "realm == domain", so if you have a user / mailbox name such as [EMAIL PROTECTED], then the realm will be somedomain.com. It is up to the SASL configuration what to do with this, like use the realm portion to lookup users in different files by using the realm name as a filename, look up users in different passwd files in different directories by using the realm name as a directory name. What's a bit more tricky is how to use a realm name which will have the format of subdomain.domain.tld to do an LDAP lookup for some object in dc=subdomain,dc=domain,dc=tld. But this is a whole separate story and really way out of topic for this list. To take this all back to web-cyradm, I think what we can learn from this discussions: - There are 1000 ways to skin a cat. Or to set up a Cyrus IMAPd based mailserver. It might be worth to explain these alternatives to allow anyone setting up a system to make an educated decision of what he or she is doing. - There is no right and wrong handling of this in web-cyradm but a need to configure web-cyradm according to the setup you've chosen. So this is not a bug but a feature request. Having said all that: @Luc: Any progress in the setting up a Wiki or giving individual people a user ID that would allow them to wrap stuff like this here up in a HOWTO and publish it on the site? Regards, Torsten > --- Urspr�ngliche Nachricht --- > Von: "paeddy" <[EMAIL PROTECTED]> > An: <[email protected]> > Betreff: RE: [Web-cyradm] DOMAIN_AS_PREFIX=1 and mailbox names > Datum: Wed, 18 May 2005 10:44:29 +0200 > > Hi Torsten, > > I have the same setup like you have (unixhierarchysep: yes, > DOMAIN_AS_PREFIX=1) and my user also looks like you described with the "." > in pace of the "@" but the server is running well, without any problems. > > The users will then have to login with "user.domain.tld" as username. > Thats > the only thing i had to make them clear. > > Therefore i don't knwo if it is a bug or if ist is impleneted that way > because authentivcation would make problems with with the @. Probably the > @ > is a reserved character in sasl or mysql or whatever. > > Regards, > patrick > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Torsten Schlabach > Sent: Wednesday, May 18, 2005 10:25 AM > To: [email protected] > Subject: Re: [Web-cyradm] DOMAIN_AS_PREFIX=1 and mailbox names > > >> Is this a bug or did I overlook something? Should I file a bug? > > As nobody replied and told me there is a good reason for this, I will go > ahead and file a bug for this ... > > I wonder if nobody ever noticed this or is just nobody using the > "unixhierarchysep: yes" setting in imapd.conf? > > Regards, > Torsten > > > --- Urspr�ngliche Nachricht --- > > Von: "Torsten Schlabach" <[EMAIL PROTECTED]> > > An: [email protected] > > Betreff: [Web-cyradm] DOMAIN_AS_PREFIX=1 and mailbox names > > Datum: Mon, 16 May 2005 17:54:03 +0200 (MEST) > > > > Hi, > > > > if I want to > > > > - use virtual domains > > - use mailbox names with "." in it > > > > I understand I should use > > > > DOMAIN_AS_PREFIX=1 in conf.php and unixhierarchysep: yes in imapd.conf. > > > > According to my understanding of cyrus IMAPd, this means that mailbox > > names will take the format > > > > user/[EMAIL PROTECTED] > > > > But they actually show up in cyrus as > > > > user/some.user.domain.com > > > > Would the user/some.user.domain.com notation make any sense in any > > circumstances? If I think of a user such as > > > > [EMAIL PROTECTED] this would then translate to > > > > user/henry.w.ford.company.com.tw > > > > How would the system ever now which part of this will be the mailbox > > name and which would be the domain name? > > > > Is this a bug or did I overlook something? Should I file a bug? For > > new accounts this can be patched in newaccount.php in line 240, but I > > am not sure if there are more places where this would need fixing. > > > > Regards, > > Torsten > > _______________________________________________ > > This mailing list is hosted and supported by bit-heads GmbH | > > http://www.bit-heads.ch > > > > _______________________________________________ > > Web-cyradm mailing list > > [email protected] > > http://www.web-cyradm.org/mailman/listinfo/web-cyradm > > > _______________________________________________ > This mailing list is hosted and supported by bit-heads GmbH | > http://www.bit-heads.ch > > _______________________________________________ > Web-cyradm mailing list > [email protected] > http://www.web-cyradm.org/mailman/listinfo/web-cyradm > > > _______________________________________________ > This mailing list is hosted and supported > by bit-heads GmbH | http://www.bit-heads.ch > > _______________________________________________ > Web-cyradm mailing list > [email protected] > http://www.web-cyradm.org/mailman/listinfo/web-cyradm > _______________________________________________ This mailing list is hosted and supported by bit-heads GmbH | http://www.bit-heads.ch _______________________________________________ Web-cyradm mailing list [email protected] http://www.web-cyradm.org/mailman/listinfo/web-cyradm
