1 |
Ow Mun Heng wrote: |
2 |
> Just wondering, can I say, have a virtual domain user user1@localdomain |
3 |
> (where localdomain is really local but just hosted as a virtual domain) |
4 |
> which can have SSH/FTP access using the same password to access their |
5 |
> email? |
6 |
|
7 |
My understanding is the are two major ways to solve this. |
8 |
|
9 |
1. pam + db for all accounts including local accounts |
10 |
Some db magic with pam or whatever local auth you do. This way the user |
11 |
still has some sort of central auth and doesn't end up with 2 different |
12 |
passwords and so forth. All accounts are virtual, but users designated |
13 |
as local also get shell, ftp, etc. |
14 |
|
15 |
2. One localdomain and all others are truly virtual. |
16 |
set localdomain.com as local in your virtual config and everything else |
17 |
to virtual. The pop/imap/smtp daemons should auth locally and it pretty |
18 |
much just works in my experience. The caveat is that it is only feasible |
19 |
to have one domain as local and it's generally an all local or all |
20 |
virtual sort of thing. Mixing and matching local and virtual users |
21 |
within the same domain can be painful and hard to manage. |
22 |
|
23 |
I did #2 since it's easy and I like sleep. I use Postfix, Courier, and |
24 |
frontend it with PostfixAdmin. PostfixAdmin is great as it allows you to |
25 |
create domain admins that can managed the domains you assign them. I |
26 |
also changed from Squirrel to Horde IMP on this latest iteration and the |
27 |
users seem to like that better especially the HTML mail support. |
28 |
|
29 |
I highly recommend greylisting. It stops so much spam on its own which |
30 |
means your content filtering doesn't have to be so gung-ho which has had |
31 |
the effect of decreasing overall false positives. And I'm using much |
32 |
less CPU. |
33 |
|
34 |
Depending on which MTA you pick and where your database is you'll want |
35 |
to look into mysql:proxy statements in your config. That'll enable your |
36 |
MTA to multiplex queries over the same TCP connection which will |
37 |
decrease load on your db. This isn't so much of an issue if your db is |
38 |
local. |
39 |
|
40 |
kashani |
41 |
-- |
42 |
gentoo-server@g.o mailing list |