Hi there;

I'm looking for ways to fully ldap-ise my virtual domain hosting into LDAP, and although there are a few ways to do this, I'm not fully satisfied with any of the current possibilities...

As it stands, our setup involves qmail-ldap/control, courier pop/imap, and pam-ldap. We have some users who have unix access privileges, and others who are purely mail accounts. Additionally, we have some domains whose recipients do not have accounts on our server.

Dealing with the local users is easy. They're in the LDAP store, and everything is working nicely. It's the virtual domains that I'm bothered by. The solutions that exist, as far as I can tell, are as follows:

1. Create a subtree in the ldap store to contain users in the virtual domain, and just configure them as regular users who have mail forwarded to some other address. This sucks because it's fairly difficult to restrict permissions in a meaningful way so that people could administer their own domains.

2. Add a "virtualDomains: domain.tld:localuser" entry for each virtual domain, set localuser's ldap record to receive mail for "[EMAIL PROTECTED]", and create a .qmail-recipient file for each recipient at domain.tld in localuser's home directory (or /var/qmail/alias/ (?)). This is totally unsatisfactory because it requires a user to necessarily have filesystem access (plus a working knowledge of .qmail files) to modify their domain setup.

Ideally what would happen is a combination of the two above:

- add a virtualDomains: domain.tld:virtualuser
- add a virtualuser record (perhaps qmailVirtualUser objectClass?)
- this record would have entries like the following:

mailVirtualMap: username1:[EMAIL PROTECTED]
mailVirtualMap: username2:[EMAIL PROTECTED]
mailVirtualMap: username3:[EMAIL PROTECTED]

and so on. This makes web-based administration for virtual domains possible and easy. I'm not at all attached to the schema. For all I know, there could be such a schema that exists for postfix or something. Heck, it could even exist for qmail, and I've just totally missed the boat... ;-)

Any help on this would be most appreciated. I don't have the skill or the time to make the modifications myself, but I'm definitely willing to help test any system that someone could come up with.

thanks very much,

blaine.
