2.2 imap virtual domains and realms questions
Chris Hamilton
chris at ambigc.com
Mon May 26 04:30:06 EDT 2003
Hi, we are implementing an email system using kerberos, ldap, cyrus, and
exim.
There appears to be two ways of dealing with multiple realms in cyrus:
Pre 2.2 cyrus (and hopefully 2.2+)
All realms that receive mail are mapped to one namespace.
2.2+ cyrus
Virtual domains can be used to separate realms (I think). But user acls
cannot cross realms.
Questions for 2.2:
Assuming kerberos realms can equal email domains. What happens when
kerberos realms != email domains? Is there an aliasing
capability?
1 to 1 (ie. a non domainname krb realm - FOOBAR not FOOBAR.COM)
Many to 1 (ie. all these realms -> one email domain)
General dumb question:
How does kerberos cross realm authentication work?
(What does cyrus see as a 'userid' when coming in from
another realm?)
Thanks for your time,
Chris Hamilton
More information about the Info-cyrus
mailing list