Hi Torsten, I can see that you spent quite some time finding this detailed information. I used courier-mta before but wanted to migrate to something which is more easy and logical to manage.
Browsing trough the internet i saw on the web-cyradm website the document "debian_sarge-cyrus-howto.pdf" and i tought that would be the installation which fits all my needs. therefore my system is settet up like described there. to answer your question: > @Patrick: Are you running with "virtdomains: yes" in "imapd.conf"? yes, i setted "virtdomains: yes" in "imapd.conf". regards, patrick > Hi all, > > [Patrick wrote:] >>> I have the same setup like you have (unixhierarchysep: yes, >>> DOMAIN_AS_PREFIX=1) and my user also looks like you described with >>> the "." in pace of the "@" but the server is running well, without >>> any problems. > >>> The users will then have to login with "user.domain.tld" as username. >>> Thats the only thing i had to make them clear. > >>> Therefore i don't knwo if it is a bug or if ist is impleneted that way >>> because authentivcation would make problems with with the @. Probably >>> the @ is a reserved character in sasl or mysql or whatever. > > Did some more research on this and have some more interesting findinds to > share. > > If you substitute the '@' (at-sign) with a '.' (dot) what you do IIUC is > you > don't do any virtual domain hosting at all. This is not as clean an > approach > as proper virtual hosting will give you. For example, you will not be able > to have "per domain" admins on an IMAP level. But having this is crucial > in > any serious shared services environment. If you are an ISP for example, > you > don't want customer A to be able to login to the IMAP server and see the > names of all mailboxes of all customers that share the mail server, do > you? > > Please have a look at the original documentation: > > http://asg.web.cmu.edu/cyrus/download/imapd/install-virtdomains.html > > @Patrick: Are you running with "virtdomains: yes" in "imapd.conf"? > > Even if you do, if you just don't use the '@' (at-sign) in any names, all > your mailboxes will end up in the default domain no matter in which > "virtual" domain you intended to have them in. > > It migt be though that until some time ago you did not have a lot of > choice > actually. I remember I spent quite some time with this when I was setting > up > our system. You need to make sure you keep two concepts in sync: Virtual > Domain hosting in Cyrus IMAPd and the concept of realms in SASL. And SASL > documentation is quite poor or at least it's hard to find the right piece > to > read unless you followed the development of *IX operating systems since > the > early 70ies. (My personal opinion, not worth discussing.) > > The "virtdomain: yes" stuff hasn't been there forever in Cyrus IMAPd > though. > I am not sure when it was implemented but I remember when I had set up our > system about 2 years ago I had to go to a at that time beta release to get > it. So prior to the virtual domain support that we have today in Cyrus > IMAPd, the approach that Patrick described and that web-cyradm seems to > support was probably the only chance you had. > > Though this is sort of off topic, some words on SASL as well: > > As mentioned several times already: The '@' (at-sign) *is* a special > character to SASL. It separates the user name from the so-called realm in > SASL. At least this is what you can find the in recent Cyrus SASL > implementations. Interesting enough, the RFC 2222 which describes SASL > does > not explicitely talk about this. > > For many systems the rule is "realm == domain", so if you have a user / > mailbox name such as [EMAIL PROTECTED], then the realm will be > somedomain.com. It is up to the SASL configuration what to do with this, > like use the realm portion to lookup users in different files by using the > realm name as a filename, look up users in different passwd files in > different directories by using the realm name as a directory name. > > What's a bit more tricky is how to use a realm name which will have the > format of subdomain.domain.tld to do an LDAP lookup for some object in > dc=subdomain,dc=domain,dc=tld. But this is a whole separate story and > really > way out of topic for this list. > > To take this all back to web-cyradm, I think what we can learn from this > discussions: > > - There are 1000 ways to skin a cat. Or to set up a Cyrus IMAPd based > mailserver. It might be worth to explain these alternatives to allow > anyone > setting up a system to make an educated decision of what he or she is > doing. > > - There is no right and wrong handling of this in web-cyradm but a need to > configure web-cyradm according to the setup you've chosen. So this is not > a > bug but a feature request. > > Having said all that: > > @Luc: Any progress in the setting up a Wiki or giving individual people a > user ID that would allow them to wrap stuff like this here up in a HOWTO > and > publish it on the site? > > Regards, > Torsten > >> --- Urspr�ngliche Nachricht --- >> Von: "paeddy" <[EMAIL PROTECTED]> >> An: <[email protected]> >> Betreff: RE: [Web-cyradm] DOMAIN_AS_PREFIX=1 and mailbox names >> Datum: Wed, 18 May 2005 10:44:29 +0200 >> >> Hi Torsten, >> >> I have the same setup like you have (unixhierarchysep: yes, >> DOMAIN_AS_PREFIX=1) and my user also looks like you described with the >> "." >> in pace of the "@" but the server is running well, without any problems. >> >> The users will then have to login with "user.domain.tld" as username. >> Thats >> the only thing i had to make them clear. >> >> Therefore i don't knwo if it is a bug or if ist is impleneted that way >> because authentivcation would make problems with with the @. Probably >> the >> @ >> is a reserved character in sasl or mysql or whatever. >> >> Regards, >> patrick >> >> -----Original Message----- >> From: [EMAIL PROTECTED] >> [mailto:[EMAIL PROTECTED] On Behalf Of Torsten >> Schlabach >> Sent: Wednesday, May 18, 2005 10:25 AM >> To: [email protected] >> Subject: Re: [Web-cyradm] DOMAIN_AS_PREFIX=1 and mailbox names >> >> >> Is this a bug or did I overlook something? Should I file a bug? >> >> As nobody replied and told me there is a good reason for this, I will go >> ahead and file a bug for this ... >> >> I wonder if nobody ever noticed this or is just nobody using the >> "unixhierarchysep: yes" setting in imapd.conf? >> >> Regards, >> Torsten >> >> > --- Urspr�ngliche Nachricht --- >> > Von: "Torsten Schlabach" <[EMAIL PROTECTED]> >> > An: [email protected] >> > Betreff: [Web-cyradm] DOMAIN_AS_PREFIX=1 and mailbox names >> > Datum: Mon, 16 May 2005 17:54:03 +0200 (MEST) >> > >> > Hi, >> > >> > if I want to >> > >> > - use virtual domains >> > - use mailbox names with "." in it >> > >> > I understand I should use >> > >> > DOMAIN_AS_PREFIX=1 in conf.php and unixhierarchysep: yes in >> imapd.conf. >> > >> > According to my understanding of cyrus IMAPd, this means that mailbox >> > names will take the format >> > >> > user/[EMAIL PROTECTED] >> > >> > But they actually show up in cyrus as >> > >> > user/some.user.domain.com >> > >> > Would the user/some.user.domain.com notation make any sense in any >> > circumstances? If I think of a user such as >> > >> > [EMAIL PROTECTED] this would then translate to >> > >> > user/henry.w.ford.company.com.tw >> > >> > How would the system ever now which part of this will be the mailbox >> > name and which would be the domain name? >> > >> > Is this a bug or did I overlook something? Should I file a bug? For >> > new accounts this can be patched in newaccount.php in line 240, but I >> > am not sure if there are more places where this would need fixing. >> > >> > Regards, >> > Torsten >> > _______________________________________________ >> > This mailing list is hosted and supported by bit-heads GmbH | >> > http://www.bit-heads.ch >> > >> > _______________________________________________ >> > Web-cyradm mailing list >> > [email protected] >> > http://www.web-cyradm.org/mailman/listinfo/web-cyradm >> > >> _______________________________________________ >> This mailing list is hosted and supported by bit-heads GmbH | >> http://www.bit-heads.ch >> >> _______________________________________________ >> Web-cyradm mailing list >> [email protected] >> http://www.web-cyradm.org/mailman/listinfo/web-cyradm >> >> >> _______________________________________________ >> This mailing list is hosted and supported >> by bit-heads GmbH | http://www.bit-heads.ch >> >> _______________________________________________ >> Web-cyradm mailing list >> [email protected] >> http://www.web-cyradm.org/mailman/listinfo/web-cyradm >> > _______________________________________________ > This mailing list is hosted and supported > by bit-heads GmbH | http://www.bit-heads.ch > > _______________________________________________ > Web-cyradm mailing list > [email protected] > http://www.web-cyradm.org/mailman/listinfo/web-cyradm > > _______________________________________________ This mailing list is hosted and supported by bit-heads GmbH | http://www.bit-heads.ch _______________________________________________ Web-cyradm mailing list [email protected] http://www.web-cyradm.org/mailman/listinfo/web-cyradm
