Hello Paul, Marc and readers;

1.a) ldap
Don't really like that idea. I spent a few months once converting and running my users from LDAP. LDAP is a pain in the you know what.

1.b) imap
If someone logs in via imap, how does dbmail know where to authenticate that person from and which config / sqlite db to use? Is there already a setup for that in LDAP?

2) chroot
I don't understand why we need chroot. All my users are virtual; they don't have ssh or ftp access. I don't even run postfix chroot. A directory like /home/user/ can still be created for each of them. All they get is imap and web access anyway. Via web they can change their password, use webmail, etc. Why does Geo use chroot? Even if they are not virtual users, why would users have anything to do with the dbmail daemon? They are never starting dbmail directly. It's always done over imap.

3) xinetd
I guess we can't run it as a daemon because each user needs a config file. What disadvantage will inetd / xinetd bring with it? Are we now having to run more instances of dbmail, one for each user? Isn't the daemon starting up a child for each user anyway? Are we going to have a time delay for dbmail-imap to start?

4) MTA
How does Postfix know where to feed the email? Right now all we do is dbmail-lmtp:localhost:24. Dbmail gets the email, but which config file will be used to deliver? Can this info be retrieved from the common db or dbmail-ldap?

5) common sqlite db
How is having a common db which only root, dbmail, postfix and php-sqlite have access to a security problem? Each user has its own db with the dbmail-alias table, in a non-user-accessible space. The common sqlite db gets periodically updated via cron or something with that data. No user has access to it. Why use ldap? By the way, isn't cyrus like that? Each user has a folder in a non-user-accessible area.

-- Demi
