Date: Sun, 22 Jul 2001 13:55:18 -0500 From: Bob Martin <bob@buckhorn.net> To: jc@irbs.com, freebsd-isp@FreeBSD.org Subject: Re: IMAP servers Message-ID: <3B5B2196.4B8B07C4@buckhorn.net> References: <3B5AED0F.F8CE7C64@buckhorn.net> <20010722133103.A7059@tortugas.irbs.com>
next in thread | previous in thread | raw e-mail | index | archive | help
John Capo wrote:
>
> *This message was transferred with a trial version of CommuniGate(tm) Pro*
> Last week I switched from postfix/procmail delivering to Maildirs
> for virtual domains to postfix/procmail/cyrus. Virtual domains
> are easy to implement with postfix and cyrus.
>
> I let postfix map user@domain.com to imap+user_domain_com with a
> mysql table and virtual_maps=mysql:/blahblahblah. Procmail is the
> mailbox_command delivery agent. I created a fallback_transport to
> procmail via the pipe driver:
>
> procmail unix - n n - - pipe
> flags=R user=cyrus argv=/usr/local/bin/procmail USER=${user} EXTENSION=${extension}
>
> Users in /etc/passwd have their mail delivered by the mailbox_command,
> in my case procmail, and everything goes to procmail/cyrus via the
> fallback_transport.
>
> I use procmail because it was the easy to implement junkmail
> filtering and attachment filename munging to disable the sircam
> worm and friends. The fallback_transport could be directly to
> cyrus or to cyrus via some other filter. The mailbox_command could
> be something other than procmail.
>
> A minimal ~cyrus/.procmailrc:
>
> DELIVERMAIL="/usr/local/cyrus/bin/deliver"
>
> :0
> | $DELIVERMAIL $EXTENSION
>
> I modified lib/auth_unix.c to map '@', '%', and '.' in usernames
> to '_' since '.' is the mailbox seperator in cyrus. This lets me
> assign unique usernames/mailboxes like joe@domain.com, joe@otherdomain.com,
> joe@yadomain.com, and so on.
>
> Netscape POP does not permit user@domain.com style usernames.
> Netscape turns user@domain.com to user@domain.com@popserver.com so
> I tell Netscape POP users to use user%domain.com instead.
> user@domain.com does work for Netscape IMAP and Outlook POP.
>
> Bottom line is if you let postfix do the virtual domain to mailbox
> name mapping, and you don't need user@domain.com style usernames,
> cyrus works out of the box.
>
> John Capo
> IRBS Engineering, Inc.
>
John,
First thanks for the input.
One of the problems we are facing is the need to use flat usernames (no
@ or %) I have several customers that are not into changing several
hundred clients <sigh>. That's what I mean about cyrus not doing virtual
domains, at least out of the box. The key is the IMAP or POP3 login. One
of the options I'm considering is a hack on SASL to get the IP the auth
request comes in on and then pass that on to a modified pam_mysql or use
pam_radius.
I had looked at having cyrus listen on different IP's, but that gets
really messy.
As a foot note, we use a postfix box as a spamfilter/gateway for all of
our e-mail, and we even filter mail for some other folks. The set up we
use just relays the mail on to another server, but it could do local
deliveries too. Along with doing RBL lookups, postfix can do header and
body checks.
Bob Martin
--
But in our enthusiasm, we could not resist a radical overhaul of the
system, in which all of its major weaknesses have been exposed,
analyzed, and replaced with new weaknesses.
-- Bruce Leverett, "Register Allocation in Optimizing Compilers"
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3B5B2196.4B8B07C4>