On Tue, 2003-08-12 at 14:18, Simon Matter wrote: > > On Tue, 2003-08-12 at 11:47, Michael Fair wrote: > >> I've never used pam for virtual domains but the general idea > >> is that the user provides the fully qualified [EMAIL PROTECTED] > >> as their userid. SASL splits that up into a "realm" and a > >> user so in terms of SASL, creating the user looks something > >> like this: > >> saslpasswd -c -U domain.dom userid > >> > >> I really can't say how this will map to PAM since PAM really > >> doesn't support the concept of realms (as I understand it). > >> > >> -- Michael -- > >> > > Hi, > > > > With pam you can have IMAP accounts of the type: username.domain.tld so > > that mail sent to [EMAIL PROTECTED] is delivered to a cyrus account: > > username.domain.tld > > > > This needs the the option "unixhierarchysep: yes" is set in the > > /etc/imapd.conf. > > > > There are howto's showing how to achieve this: > > http://www.delouw.ch/linux/Postfix-Cyrus-Web-cyradm-HOWTO/html/index.html > > and > > http://home.teleport.ch/simix/RPMS/Cyrus-imapd/contrib/Postfix+cyrus+postgreSQL+web-cyradm.pdf > > > > In the new cyrus-2.2.x (now in beta) [EMAIL PROTECTED] will be > > allowed. Otherwise for now you can use the Perdition IMAP/POP proxy > > server(http://vergenet.net/linux/perdition/) or get a patch (I think), > > for the current stable 2.1.x series. > > > My question remains how will the new 2.2 fit in PAM? Does it only work for > the default domain? (Sorry I didn't study the virtual domain docs yet) > > Simon > Yeah, the username.domain.tld idea should work with the default domain since this scheme in actual fact just rewrites mail destined to [EMAIL PROTECTED] to [EMAIL PROTECTED] with respect to the IMAP server.
My understanding is that in the new 2.2.x series setting the option "virtdomains: no" in the imap.conf essentially causes the 2.2.x to behave like the 2.1.x with regard to virtual domains. But even with "virtdomains: yes" [EMAIL PROTECTED] should still work since [EMAIL PROTECTED] is a valid address. The burden of the rewrite lies with the MTA before it calls the LMTP agent. However I' am yet to experiment with all this ;-) ~/Andrew Koros. > > > > >> > >> "James Satterfield" <[EMAIL PROTECTED]> wrote in message > >> news:[EMAIL PROTECTED] > >> > I'm having a lot of difficulty wrapping my mind around authentication > >> for > >> a > >> > virtual domain configuration. I would like to use PAM for auth, but I > >> don't see > >> > how to get around the '@' in the usernames. I see nothing in the docs > >> that > >> > address how to setup auth for virtual domain support. > >> > Do any of you have any tips, howtos, advice, config examples? > >> > > >> > Thanks, > >> > James. > >> > > >> > > >> > > -- > > Andrew Koros > > Developer, Systems Services > > > > UUNET KENYA LTD > > 2nd Floor Parkside Towers > > Mombasa Road, Nairobi > > > > Tel: +254 2 69088618 > > Fax: +254 2 69088001 > > Email: [EMAIL PROTECTED] > > > > http://www.uunet.co.ke > > > > NOTICE: "The contents of this e-mail and any accompanying documentation is > > confidential and any use thereof, in whatever form, by anyone other than > > the > > addressee for whom it is intended, is strictly prohibited." > > > > -- Andrew Koros Developer, Systems Services UUNET KENYA LTD 2nd Floor Parkside Towers Mombasa Road, Nairobi Tel: +254 2 69088618 Fax: +254 2 69088001 Email: [EMAIL PROTECTED] http://www.uunet.co.ke NOTICE: "The contents of this e-mail and any accompanying documentation is confidential and any use thereof, in whatever form, by anyone other than the addressee for whom it is intended, is strictly prohibited."