Re: VIRTUAL - User Permissions and Ownership

On Tue, 24 May 2005 16:48:05 -0700
Postmaster <Postmaster@light-hall.com> wrote:

> Quoting Keith Matthews <postfix@frequentous.co.uk>:
>
> >
> >
> > This should work but if the users do not have shell-level accounts
> > on
> > the box then such fine detail is an unnecessary complexity. If the
> > POP/IMAP server is a decent one and is set up correctly then the
> > users
> > cannot see each other's mail anyway.
>
> ======================================
>
> The users do NOT have shell-level accounts - I guess I thought that's
> what I was trying to avoid. Every user I add - I have to adduser and
> then if I don't "really" want them on the box - except for e-mail -
> disable shell access with /bin/false ??
>

That's the whole point of using virtual accounts. I never set up
accounts for mail-only users.

If you have a lot of users you need to think about using LDAP or an SQL
database to hold the account details. Using Berkeley is possible, but
(as has been discussed here before) the hassle of having to update two
sets of tables every time there is a change to the userbase gets to be
significant.


> The box is not being currently used for any "productional" e-mail, so
> I can change the setup. However, because of reverse authority from
> SBC, I am the reverse lookup for mail from my intenal network.
>
> Is there a recomended reading site for IMAP vs POP ? Right now, the
> users are used to using Windoze Pegasus fetching from a POP server -
> but I'm open to any suggestions
>
>

Off topic for the list, but as the question has been asked.

There is no such site that I am aware of. I would offer the following
thoughts -

If significant number of users access from different machines then use
IMAP

If you need to ensure mail is archived and/or properly stored for
posterity then use IMAP.

The reason for these is that (by default) POP access deletes the message
from the server as soon as it is read. It is possible to change those
settings at the MUA but that is risky if the policy is important and
could lead to quite a bit of extra work to check settings and ensure
users do not play with them.

To the best of my knowledge it is not possible for POP to have the
user's sent mail folder on the server, that is common with IMAP setups.

Several of my clients use Pegasus to Courier-imap. In general it works
well but there are occasional problems. One of them has an issue now
with Pegasus claiming that there are unread messages when in fact there
are not. We are still trying to get to the bottom of that one.


--
I do not reply to directly addressed mail unless it is clearly a matter
that should be dealt with off-list.