Re: [opensuse] Setting up new email server on 10.3
- From: Sandy Drobic <suse-linux-e@xxxxxxxxxxxxxxxxxxxxxxx>
- Date: Wed, 09 Apr 2008 14:56:25 +0200
Jim Flanagan wrote:
John Andersen wrote:On Tue, Apr 8, 2008 at 7:07 PM, Jim Flanagan <linuxjim@xxxxxxxxxx> wrote:OK, as root I set a password for user cyrus, and now can log into cyradm. There was my one user mailbox there already. I created another user (mailbox), but don't see where to set a password for that user in cyradm.
Hi all,
I'm getting around to setting up my email server on opensuse 10.3 to
migrate from an older setup. Its a clean 10.3 install. I've used
postfix-cyrus imap-amavis-spamassassin-sieve in the past and like that
setup.
I'd like to have email users separate from local users. At present I only
have one local user, but may have a few family members use this machine with
their own logins at some point. I plan to have approx 10 to 20 email users,
so this is no big install, just my home email server.
Looking at yast to set up the MTA, it offers to set postfix up to auth
against an LDAP server and offers to set up that as a local LDAP. That
sounds interesting, but I don't need anything else to use LDAP except
posftix and imap. Is this the best way to accomplish what I want, or is
using another method of authing my email users better, and what would that
be?
I don't think you need ldap for Imap accounts with Cyrus.
Just add the users via cyrus admin and let cyrus take care
of it.
I "think" I need to change the way cyrus authenticates, in etc/sysconfig, but am unsure exactly how to do this and which auth scheme to use. Can anyone give me some guidance with this?
The usual way is to use an authentication daemon that is queried by all mailservices: SMTP/Imap/POP3/Webmail
The default for Cyrus is saslauthd, which again will query pam as default.
On the positive side for saslauthd you can set it up pretty easy, and everything will work.
The negative side is that saslauthd will only use cleartext mechanisms, so you should set up TLS/SSL encryption to prevent password snooping.
You can also use a sasldb to auth against, that would give you encrypted challenge/response mechanisms like CRAM-MD5. It is a bit more complicated to setup since you need to take care of access rights to the sasldb yourself.
Though for 15-20 users I would just use saslauthd and deny them a login shell.
Another question is how many domains you expect to administer on your server and what other services you might want to offer.
--
Sandy
List replies only please!
Please address PMs to: news-reply2 (@) japantest (.) homelinux (.) com
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx
- Follow-Ups:
- Re: [opensuse] Setting up new email server on 10.3
- From: Jim Flanagan
- Re: [opensuse] Setting up new email server on 10.3
- References:
- [opensuse] Setting up new email server on 10.3
- From: Jim Flanagan
- Re: [opensuse] Setting up new email server on 10.3
- From: John Andersen
- Re: [opensuse] Setting up new email server on 10.3
- From: Jim Flanagan
- [opensuse] Setting up new email server on 10.3
- Prev by Date: Re: [opensuse] Amarok with MP3 on OpenSuse 10.3
- Next by Date: Re: [opensuse] Amarok with MP3 on OpenSuse 10.3
- Previous by thread: Re: [opensuse] Setting up new email server on 10.3
- Next by thread: Re: [opensuse] Setting up new email server on 10.3
- Index(es):
Relevant Pages
|
