On Tue, 2003-08-12 at 14:18, Simon Matter wrote:
> > On Tue, 2003-08-12 at 11:47, Michael Fair wrote:
> >> I've never used pam for virtual domains but the general idea
> >> is that the user provides the fully qualified [EMAIL PROTECTED]
> >> as their userid.  SASL splits that up into a "realm" and a
> >> user so in terms of SASL, creating the user looks something
> >> like this:
> >> saslpasswd -c -U domain.dom userid
> >>
> >> I really can't say how this will map to PAM since PAM really
> >> doesn't support the concept of realms (as I understand it).
> >>
> >> -- Michael --
> >>
> > Hi,
> >
> > With pam you can have IMAP accounts of the type: username.domain.tld so
> > that mail sent to [EMAIL PROTECTED] is delivered to a cyrus account:
> > username.domain.tld
> >
> > This needs the the option "unixhierarchysep: yes" is set in the
> > /etc/imapd.conf.
> >
> > There are howto's showing how to achieve this:
> > http://www.delouw.ch/linux/Postfix-Cyrus-Web-cyradm-HOWTO/html/index.html
> > and
> > http://home.teleport.ch/simix/RPMS/Cyrus-imapd/contrib/Postfix+cyrus+postgreSQL+web-cyradm.pdf
> >
> > In the new cyrus-2.2.x (now in beta) [EMAIL PROTECTED] will be
> > allowed. Otherwise for now you can use the Perdition IMAP/POP proxy
> > server(http://vergenet.net/linux/perdition/) or get a patch (I think),
> > for the current stable 2.1.x series.
> 
> 
> My question remains how will the new 2.2 fit in PAM? Does it only work for
> the default domain? (Sorry I didn't study the virtual domain docs yet)
> 
> Simon
> 
Yeah, the username.domain.tld idea should work with the default domain
since this scheme in actual fact just rewrites mail destined to
[EMAIL PROTECTED] to [EMAIL PROTECTED] with respect to
the IMAP server. 

 My understanding is that in the new 2.2.x series setting the option
"virtdomains: no" in the imap.conf essentially causes the 2.2.x to
behave like the 2.1.x with regard to virtual domains. But even with
"virtdomains: yes" [EMAIL PROTECTED] should still work
since [EMAIL PROTECTED] is a valid address. The burden
of the rewrite lies with the MTA before it calls the LMTP agent.

However I' am yet to experiment with all this ;-)

~/Andrew Koros. 
> 
> >
> >>
> >> "James Satterfield" <[EMAIL PROTECTED]> wrote in message
> >> news:[EMAIL PROTECTED]
> >> > I'm having a lot of difficulty wrapping my mind around authentication
> >> for
> >> a
> >> > virtual domain configuration. I would like to use PAM for auth, but I
> >> don't see
> >> > how to get around the '@' in the usernames. I see nothing in the docs
> >> that
> >> > address how to setup auth for virtual domain support.
> >> > Do any of you have any tips, howtos, advice, config examples?
> >> >
> >> > Thanks,
> >> > James.
> >> >
> >> >
> >>
> > --
> > Andrew Koros
> > Developer, Systems Services
> >
> > UUNET KENYA LTD
> > 2nd Floor Parkside Towers
> > Mombasa Road, Nairobi
> >
> > Tel: +254 2 69088618
> > Fax: +254 2 69088001
> > Email: [EMAIL PROTECTED]
> >
> > http://www.uunet.co.ke
> >
> > NOTICE: "The contents of this e-mail and any accompanying documentation is
> > confidential and any use thereof, in whatever form, by anyone other than
> > the
> > addressee for whom it is intended, is strictly prohibited."
> >
> >
-- 
Andrew Koros
Developer, Systems Services

UUNET KENYA LTD
2nd Floor Parkside Towers
Mombasa Road, Nairobi

Tel: +254 2 69088618
Fax: +254 2 69088001
Email: [EMAIL PROTECTED]   

http://www.uunet.co.ke

NOTICE: "The contents of this e-mail and any accompanying documentation is
confidential and any use thereof, in whatever form, by anyone other than the
addressee for whom it is intended, is strictly prohibited."

Reply via email to