Date: Fri, 06 Dec 2002 10:55:49 -0800
From: Glen Mehn glen@burningman.com
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.0.0)
Gecko/20020623 Debian/1.0.0-0.woody.1
To: Jeff AA jaa.debian@aquabolt.com
Cc: debian-security@lists.debian.org
Subject: Re: pop mail recommendations
Jeff AA wrote:
>Second the recommendation for courier.
>
>We have exim / courier [pop imap pops imaps] using maildir
formats
>and controlled from mysql for virtual users accepting mail
for about
>20 domains.
>
>We did compare with Cyrus, but that fell down on integration
with
>exim.
>
>This is the list dpkg -l *courier* | grep ii shows:
>
>ii courier-authda 0.37.3-2.3 Courier Mail Server
authentication daemon
>ii courier-authmy 0.37.3-2.3 MySQL Authentication for Courier
Mail Server
>ii courier-base 0.37.3-2.3 Courier Mail Server Base
System
>ii courier-imap 1.4.3-2.3 IMAP daemon with PAM and Maildir
support
>ii courier-imap-s 1.4.3-3.1 IMAP daemon with SSL, PAM and
Maildir suppor
>ii courier-pop 0.37.3-2.3 POP3 daemon with PAM and Maildir
support
>ii courier-pop-ss 0.37.3-3.1 POP3 daemon with SSL, PAM and
Maildir suppor
>ii courier-ssl 0.37.3-3.1 Courier Mail Server SSL Package
third the recco for courier/exim. lightweight, fast, reliable.
You can
also use sqwebmail for your webmail, which is written by the
courier
author(s), and uses the same libs to talk directly to the
maildir
folders. It'll allow users to login and change passwords (which
may
require sqwebmail to be setuid root if you authenticate off
of
/etc/passwd, which you likely don't want to do, but use postgres
or
something instead)
ymmv, but this is definitely the way to go for me.
From: "Jeff AA" jaa.debian@aquabolt.com
To: "'Phillip Hofmeister'" plhofmei@zionlth.org
Cc: debian-security@lists.debian.org
Subject: RE: pop mail recommendations
Date: Fri, 6 Dec 2002 14:17:53 -0000
Phillip Hofmeister plhofmei@zionlth.org wrote:
> On Fri, 06 Dec 2002 at 12:48:19PM -0000, Jeff AA wrote:
>
>> We have exim / courier [pop imap pops imaps] using
maildir formats
>> and controlled from mysql for virtual users accepting
mail for about
>> 20 domains.
>
> How do you handle virtual user password changes with this
setup? Can
> the users change their own password?
A little HTTPS PHP web page lets users change passwords, enter
a
vacation message or set up personal exim filters. We don't allow
remote
pop3 or imap - all is SSL wrapped. We run SquirrelMail through
https for
users who want a web client.
The nicest thing IMO though, is that we only allow relay
for
authenticated smtp connections via TLS and have a system filter
that
automatically copies all outgoing mail into a Sent folder - we
don't
have to rely on buggy clients, and users that have several
PCs/Laptops
etc, can see ALL their Sent items in a single server-side imap
folder.
All our domains, users and aliases are read by exim from a
local mysql
instance.
Using maildir format makes it easy for exim to filter into
sub-folders
etc. We can have shared folders with a single READ status for our
tech
team etc etc.
Regards
Jeff