| 1 |
Ow Mun Heng wrote: |
| 2 |
> Just wondering, can I say, have a virtual domain user user1@localdomain |
| 3 |
> (where localdomain is really local but just hosted as a virtual domain) |
| 4 |
> which can have SSH/FTP access using the same password to access their |
| 5 |
> email? |
| 6 |
|
| 7 |
My understanding is the are two major ways to solve this. |
| 8 |
|
| 9 |
1. pam + db for all accounts including local accounts |
| 10 |
Some db magic with pam or whatever local auth you do. This way the user |
| 11 |
still has some sort of central auth and doesn't end up with 2 different |
| 12 |
passwords and so forth. All accounts are virtual, but users designated |
| 13 |
as local also get shell, ftp, etc. |
| 14 |
|
| 15 |
2. One localdomain and all others are truly virtual. |
| 16 |
set localdomain.com as local in your virtual config and everything else |
| 17 |
to virtual. The pop/imap/smtp daemons should auth locally and it pretty |
| 18 |
much just works in my experience. The caveat is that it is only feasible |
| 19 |
to have one domain as local and it's generally an all local or all |
| 20 |
virtual sort of thing. Mixing and matching local and virtual users |
| 21 |
within the same domain can be painful and hard to manage. |
| 22 |
|
| 23 |
I did #2 since it's easy and I like sleep. I use Postfix, Courier, and |
| 24 |
frontend it with PostfixAdmin. PostfixAdmin is great as it allows you to |
| 25 |
create domain admins that can managed the domains you assign them. I |
| 26 |
also changed from Squirrel to Horde IMP on this latest iteration and the |
| 27 |
users seem to like that better especially the HTML mail support. |
| 28 |
|
| 29 |
I highly recommend greylisting. It stops so much spam on its own which |
| 30 |
means your content filtering doesn't have to be so gung-ho which has had |
| 31 |
the effect of decreasing overall false positives. And I'm using much |
| 32 |
less CPU. |
| 33 |
|
| 34 |
Depending on which MTA you pick and where your database is you'll want |
| 35 |
to look into mysql:proxy statements in your config. That'll enable your |
| 36 |
MTA to multiplex queries over the same TCP connection which will |
| 37 |
decrease load on your db. This isn't so much of an issue if your db is |
| 38 |
local. |
| 39 |
|
| 40 |
kashani |
| 41 |
-- |
| 42 |
gentoo-server@g.o mailing list |
Archives