Just cross-read this HOWTO you mentioned to see if it might be worth to provide some feedback to the author.
Interesting enough, the HOWTO does not mention anything explicit about virtual domains. I am not sure but I'd be surprised if the Debian package would enable virtdomain: yes by default. I am about sure I had to put this in manually. So following the HOWTO you probably setup a single domain Cyrus IMAPd from the Debian package that then subsequently get's "abused" in a "virtual domain by naming convention" way. In contrast to Cyrus IMAPd, web-cyradm presumes a virtual domain setup. Nothing wrong with that as long as it works for you. But what I wonder is: - do you do "saslauthd -a pam -c" as described in the HOWTO? If yes, do you have users like username.domain.tld in /etc/passwd? - how does your MTA handle that setup? Regards, Torsten > --- Urspr�ngliche Nachricht --- > Von: [EMAIL PROTECTED] > An: [email protected] > Betreff: RE: [Web-cyradm] DOMAIN_AS_PREFIX=1 and mailbox names > Datum: Wed, 18 May 2005 15:10:23 +0200 (CEST) > > Hi Torsten, > > I can see that you spent quite some time finding this detailed > information. I used courier-mta before but wanted to migrate to something > which is more easy and logical to manage. > > Browsing trough the internet i saw on the web-cyradm website the document > "debian_sarge-cyrus-howto.pdf" and i tought that would be the installation > which fits all my needs. therefore my system is settet up like described > there. > > to answer your question: > > @Patrick: Are you running with "virtdomains: yes" in "imapd.conf"? > > yes, i setted "virtdomains: yes" in "imapd.conf". > > regards, > patrick > > > Hi all, > > > > [Patrick wrote:] > >>> I have the same setup like you have (unixhierarchysep: yes, > >>> DOMAIN_AS_PREFIX=1) and my user also looks like you described with > >>> the "." in pace of the "@" but the server is running well, without > >>> any problems. > > > >>> The users will then have to login with "user.domain.tld" as username. > >>> Thats the only thing i had to make them clear. > > > >>> Therefore i don't knwo if it is a bug or if ist is impleneted that way > >>> because authentivcation would make problems with with the @. Probably > >>> the @ is a reserved character in sasl or mysql or whatever. > > > > Did some more research on this and have some more interesting findinds > to > > share. > > > > If you substitute the '@' (at-sign) with a '.' (dot) what you do IIUC is > > you > > don't do any virtual domain hosting at all. This is not as clean an > > approach > > as proper virtual hosting will give you. For example, you will not be > able > > to have "per domain" admins on an IMAP level. But having this is crucial > > in > > any serious shared services environment. If you are an ISP for example, > > you > > don't want customer A to be able to login to the IMAP server and see the > > names of all mailboxes of all customers that share the mail server, do > > you? > > > > Please have a look at the original documentation: > > > > http://asg.web.cmu.edu/cyrus/download/imapd/install-virtdomains.html > > > > @Patrick: Are you running with "virtdomains: yes" in "imapd.conf"? > > > > Even if you do, if you just don't use the '@' (at-sign) in any names, > all > > your mailboxes will end up in the default domain no matter in which > > "virtual" domain you intended to have them in. > > > > It migt be though that until some time ago you did not have a lot of > > choice > > actually. I remember I spent quite some time with this when I was > setting > > up > > our system. You need to make sure you keep two concepts in sync: Virtual > > Domain hosting in Cyrus IMAPd and the concept of realms in SASL. And > SASL > > documentation is quite poor or at least it's hard to find the right > piece > > to > > read unless you followed the development of *IX operating systems since > > the > > early 70ies. (My personal opinion, not worth discussing.) > > > > The "virtdomain: yes" stuff hasn't been there forever in Cyrus IMAPd > > though. > > I am not sure when it was implemented but I remember when I had set up > our > > system about 2 years ago I had to go to a at that time beta release to > get > > it. So prior to the virtual domain support that we have today in Cyrus > > IMAPd, the approach that Patrick described and that web-cyradm seems to > > support was probably the only chance you had. > > > > Though this is sort of off topic, some words on SASL as well: > > > > As mentioned several times already: The '@' (at-sign) *is* a special > > character to SASL. It separates the user name from the so-called realm > in > > SASL. At least this is what you can find the in recent Cyrus SASL > > implementations. Interesting enough, the RFC 2222 which describes SASL > > does > > not explicitely talk about this. > > > > For many systems the rule is "realm == domain", so if you have a user / > > mailbox name such as [EMAIL PROTECTED], then the realm will be > > somedomain.com. It is up to the SASL configuration what to do with this, > > like use the realm portion to lookup users in different files by using > the > > realm name as a filename, look up users in different passwd files in > > different directories by using the realm name as a directory name. > > > > What's a bit more tricky is how to use a realm name which will have the > > format of subdomain.domain.tld to do an LDAP lookup for some object in > > dc=subdomain,dc=domain,dc=tld. But this is a whole separate story and > > really > > way out of topic for this list. > > > > To take this all back to web-cyradm, I think what we can learn from this > > discussions: > > > > - There are 1000 ways to skin a cat. Or to set up a Cyrus IMAPd based > > mailserver. It might be worth to explain these alternatives to allow > > anyone > > setting up a system to make an educated decision of what he or she is > > doing. > > > > - There is no right and wrong handling of this in web-cyradm but a need > to > > configure web-cyradm according to the setup you've chosen. So this is > not > > a > > bug but a feature request. > > > > Having said all that: > > > > @Luc: Any progress in the setting up a Wiki or giving individual people > a > > user ID that would allow them to wrap stuff like this here up in a HOWTO > > and > > publish it on the site? > > > > Regards, > > Torsten > > > >> --- Urspr�ngliche Nachricht --- > >> Von: "paeddy" <[EMAIL PROTECTED]> > >> An: <[email protected]> > >> Betreff: RE: [Web-cyradm] DOMAIN_AS_PREFIX=1 and mailbox names > >> Datum: Wed, 18 May 2005 10:44:29 +0200 > >> > >> Hi Torsten, > >> > >> I have the same setup like you have (unixhierarchysep: yes, > >> DOMAIN_AS_PREFIX=1) and my user also looks like you described with the > >> "." > >> in pace of the "@" but the server is running well, without any > problems. > >> > >> The users will then have to login with "user.domain.tld" as username. > >> Thats > >> the only thing i had to make them clear. > >> > >> Therefore i don't knwo if it is a bug or if ist is impleneted that way > >> because authentivcation would make problems with with the @. Probably > >> the > >> @ > >> is a reserved character in sasl or mysql or whatever. > >> > >> Regards, > >> patrick > >> > >> -----Original Message----- > >> From: [EMAIL PROTECTED] > >> [mailto:[EMAIL PROTECTED] On Behalf Of Torsten > >> Schlabach > >> Sent: Wednesday, May 18, 2005 10:25 AM > >> To: [email protected] > >> Subject: Re: [Web-cyradm] DOMAIN_AS_PREFIX=1 and mailbox names > >> > >> >> Is this a bug or did I overlook something? Should I file a bug? > >> > >> As nobody replied and told me there is a good reason for this, I will > go > >> ahead and file a bug for this ... > >> > >> I wonder if nobody ever noticed this or is just nobody using the > >> "unixhierarchysep: yes" setting in imapd.conf? > >> > >> Regards, > >> Torsten > >> > >> > --- Urspr�ngliche Nachricht --- > >> > Von: "Torsten Schlabach" <[EMAIL PROTECTED]> > >> > An: [email protected] > >> > Betreff: [Web-cyradm] DOMAIN_AS_PREFIX=1 and mailbox names > >> > Datum: Mon, 16 May 2005 17:54:03 +0200 (MEST) > >> > > >> > Hi, > >> > > >> > if I want to > >> > > >> > - use virtual domains > >> > - use mailbox names with "." in it > >> > > >> > I understand I should use > >> > > >> > DOMAIN_AS_PREFIX=1 in conf.php and unixhierarchysep: yes in > >> imapd.conf. > >> > > >> > According to my understanding of cyrus IMAPd, this means that mailbox > >> > names will take the format > >> > > >> > user/[EMAIL PROTECTED] > >> > > >> > But they actually show up in cyrus as > >> > > >> > user/some.user.domain.com > >> > > >> > Would the user/some.user.domain.com notation make any sense in any > >> > circumstances? If I think of a user such as > >> > > >> > [EMAIL PROTECTED] this would then translate to > >> > > >> > user/henry.w.ford.company.com.tw > >> > > >> > How would the system ever now which part of this will be the mailbox > >> > name and which would be the domain name? > >> > > >> > Is this a bug or did I overlook something? Should I file a bug? For > >> > new accounts this can be patched in newaccount.php in line 240, but I > >> > am not sure if there are more places where this would need fixing. > >> > > >> > Regards, > >> > Torsten > >> > _______________________________________________ > >> > This mailing list is hosted and supported by bit-heads GmbH | > >> > http://www.bit-heads.ch > >> > > >> > _______________________________________________ > >> > Web-cyradm mailing list > >> > [email protected] > >> > http://www.web-cyradm.org/mailman/listinfo/web-cyradm > >> > > >> _______________________________________________ > >> This mailing list is hosted and supported by bit-heads GmbH | > >> http://www.bit-heads.ch > >> > >> _______________________________________________ > >> Web-cyradm mailing list > >> [email protected] > >> http://www.web-cyradm.org/mailman/listinfo/web-cyradm > >> > >> > >> _______________________________________________ > >> This mailing list is hosted and supported > >> by bit-heads GmbH | http://www.bit-heads.ch > >> > >> _______________________________________________ > >> Web-cyradm mailing list > >> [email protected] > >> http://www.web-cyradm.org/mailman/listinfo/web-cyradm > >> > > _______________________________________________ > > This mailing list is hosted and supported > > by bit-heads GmbH | http://www.bit-heads.ch > > > > _______________________________________________ > > Web-cyradm mailing list > > [email protected] > > http://www.web-cyradm.org/mailman/listinfo/web-cyradm > > > > > > > _______________________________________________ > This mailing list is hosted and supported > by bit-heads GmbH | http://www.bit-heads.ch > > _______________________________________________ > Web-cyradm mailing list > [email protected] > http://www.web-cyradm.org/mailman/listinfo/web-cyradm > _______________________________________________ This mailing list is hosted and supported by bit-heads GmbH | http://www.bit-heads.ch _______________________________________________ Web-cyradm mailing list [email protected] http://www.web-cyradm.org/mailman/listinfo/web-cyradm
