Quoting Alain Reguera <alain.reguera at gmail.com>: >> 1) Minor: Why do you want a large /home? > > To let the users organise their mails in folders (using squirrelmail > or maybe another webmail client). If there are other ways of do this I > would be very pleased to know them. With Cyrus, everything is stored under /var/spool/imap. Including the folders that users create. The filtering rules (called Sieve scripts, something comparable to procmailrc files) are also stored inside Cyrus system, not in user's home directory. Just give all that space to /var/spool/imap (so you'd get almost 30 gig there). User's don't even have to have home directories (or accounts for that matter) on the system. In short, Cyrus does not use system accounts (from /etc/passwd). You create mailbox for a user (which would be physically stored in /var/spool/imap). This is the INBOX folder. When user's create new folders, they become subfolders of INBOX, and those folders are also stored in /var/spool/imap. The creation of Cyrus mailbox is completely separate process from creation of system account. User with system account and no mailbox, will not be able to use Cyrus (and Cyrus will not receive email for him). User with mailbox and no system account will be able to use Cyrus. However, then you can't use default configuration that uses system accounts for authentication (Cyrus will accept email for the user, but user will not be able to access it since he doesn't have system account). The thing that uses (by default) system accounts is saslauthd. Default configuration for Cyrus IMAPD on CentOS is to use saslauthd for authentication (password checking). In turn, saslauthd is by default configured to use system accounts (/etc/passwd and /etc/shadow files). If you change saslauthd configuration to use LDAP or Kerberos (controlled from /etc/sysconfig/saslauthd file, see also manual page for saslauthd), you can completely remove all user accounts from /etc/passwd. This is the way majority of sites that use Cyrus are operating. Users should not have system accounts on mail server. Sounds complicated? Not really, you'll see when you start to use it. ---------------------------------------------------------------- This message was sent using IMP, the Internet Messaging Program.