Virtual Domains and authentication

Andrew Koros akoros at
Tue Aug 12 06:05:59 EDT 2003

On Tue, 2003-08-12 at 11:47, Michael Fair wrote:
> I've never used pam for virtual domains but the general idea
> is that the user provides the fully qualified user at domain.dom
> as their userid.  SASL splits that up into a "realm" and a
> user so in terms of SASL, creating the user looks something
> like this:
> saslpasswd -c -U domain.dom userid
> I really can't say how this will map to PAM since PAM really
> doesn't support the concept of realms (as I understand it).
> -- Michael --

With pam you can have IMAP accounts of the type: username.domain.tld so
that mail sent to username at domain.tld is delivered to a cyrus account:

This needs the the option "unixhierarchysep: yes" is set in the

There are howto's showing how to achieve this:

In the new cyrus-2.2.x (now in beta) username at domain.tld will be
allowed. Otherwise for now you can use the Perdition IMAP/POP proxy
server( or get a patch (I think),
for the current stable 2.1.x series.

> "James Satterfield" <james at> wrote in message
> news:1059956276.eba8c41ce07f8 at
> > I'm having a lot of difficulty wrapping my mind around authentication for
> a
> > virtual domain configuration. I would like to use PAM for auth, but I
> don't see
> > how to get around the '@' in the usernames. I see nothing in the docs that
> > address how to setup auth for virtual domain support.
> > Do any of you have any tips, howtos, advice, config examples?
> >
> > Thanks,
> > James.
> >
> >
Andrew Koros
Developer, Systems Services

2nd Floor Parkside Towers
Mombasa Road, Nairobi

Tel: +254 2 69088618
Fax: +254 2 69088001
Email: akoros at

NOTICE: "The contents of this e-mail and any accompanying documentation is
confidential and any use thereof, in whatever form, by anyone other than the
addressee for whom it is intended, is strictly prohibited."

More information about the Info-cyrus mailing list