[CentOS] Re: Planning Mail Server (with low resources)

Wed Dec 7 20:49:49 UTC 2005
Aleksandar Milivojevic <alex at milivojevic.org>

Quoting Alain Reguera <alain.reguera at gmail.com>:

>> 1) Minor: Why do you want a large /home?
>
> To let the users organise their mails in folders (using squirrelmail
> or maybe another webmail client). If there are other ways of do this I
> would be very pleased to know them.

With Cyrus, everything is stored under /var/spool/imap.  Including the folders
that users create.  The filtering rules (called Sieve scripts, something
comparable to procmailrc files) are also stored inside Cyrus system, not in
user's home directory.  Just give all that space to /var/spool/imap (so you'd
get almost 30 gig there).  User's don't even have to have home directories (or
accounts for that matter) on the system.

In short, Cyrus does not use system accounts (from /etc/passwd).  You create
mailbox for a user (which would be physically stored in 
/var/spool/imap).  This
is the INBOX folder.  When user's create new folders, they become 
subfolders of
INBOX, and those folders are also stored in /var/spool/imap.  The creation of
Cyrus mailbox is completely separate process from creation of system account.

User with system account and no mailbox, will not be able to use Cyrus (and
Cyrus will not receive email for him).  User with mailbox and no system 
account
will be able to use Cyrus.  However, then you can't use default configuration
that uses system accounts for authentication (Cyrus will accept email for the
user, but user will not be able to access it since he doesn't have system
account).

The thing that uses (by default) system accounts is saslauthd.  Default
configuration for Cyrus IMAPD on CentOS is to use saslauthd for authentication
(password checking).  In turn, saslauthd is by default configured to 
use system
accounts (/etc/passwd and /etc/shadow files).  If you change saslauthd
configuration to use LDAP or Kerberos (controlled from 
/etc/sysconfig/saslauthd
file, see also manual page for saslauthd), you can completely remove all user
accounts from /etc/passwd.  This is the way majority of sites that use Cyrus
are operating.  Users should not have system accounts on mail server.

Sounds complicated?  Not really, you'll see when you start to use it.

----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.