2.2 imap virtual domains and realms questions
chris at ambigc.com
Mon May 26 04:30:06 EDT 2003
Hi, we are implementing an email system using kerberos, ldap, cyrus, and
There appears to be two ways of dealing with multiple realms in cyrus:
Pre 2.2 cyrus (and hopefully 2.2+)
All realms that receive mail are mapped to one namespace.
Virtual domains can be used to separate realms (I think). But user acls
cannot cross realms.
Questions for 2.2:
Assuming kerberos realms can equal email domains. What happens when
kerberos realms != email domains? Is there an aliasing
1 to 1 (ie. a non domainname krb realm - FOOBAR not FOOBAR.COM)
Many to 1 (ie. all these realms -> one email domain)
General dumb question:
How does kerberos cross realm authentication work?
(What does cyrus see as a 'userid' when coming in from
Thanks for your time,
More information about the Info-cyrus