REALMS, saslauthd and Cyrus IMAPD

Diego Rivera lrivera at racsa.co.cr
Thu Sep 25 12:52:57 EDT 2003


Hello all!

I'm seeking to achieve a multi-domain setup with Cyrus-SASL, postfix,
Cyrus-IMAP and LDAP as the backend.

In general I think it should be possible to have completely separate
user spaces (defined as separate but similarly-formed branches of the
LDAP tree) and have that work with SASL (via saslauthd with the LDAP
plugin).

My idea is to have "multiple" postfix "instances" (for all intents and
purposes that's what they would be) processing e-mail for a single
domain each, delivering to the corresponding cyrus-imap instance (I
followed a howto @ http://www.phildev.net/cyrus/cyrus_sasl.html which
allows me to do just this with Cyrus-IMAP).

However I have some issues to resolve before I can implement and test
this setup:

How do I tell saslauthd how to find the user list for a particular
realm?

Since both postfix and Cyrus-IMAP can specify to SASL which realm the
user is being authenticated on, all I should need is to define where/how
each realm's users are accessible, right?

A side question: assuming such a setup is successful, would creating a
user in LDAP be enough for that user to be able to retrieve e-mail, or
would I additionally have to use cyradm to create the mailbox (i.e.,
would Cyrus-IMAP recognize that the mailbox isn't there and create it
automagically?).

Assume that for each postfix/cyrus-imap combo there would be a different
IP address through which they'd be accessible (this is required to do
the multi-domain setup with cyrus-imap).

Thanks for your time

Best

-- 
===========================================================
* Diego Rivera                                            *
*                                                         *
* "The Disease: Windows, the cure: Linux"                 *
*                                                         *
* E-mail: lrivera<AT>racsa<DOT>co<DOT>cr                  *
* Replace: <AT>='@', <DOT>='.'                            *
*                                                         *
* GPG: BE59 5469 C696 C80D FF5C  5926 0B36 F8FF DA98 62AD *
* GPG Public Key avaliable at: http://pgp.mit.edu         *
===========================================================
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : https://lists.andrew.cmu.edu/mailman/private/info-cyrus/attachments/20030925/b8d578d2/attachment.bin


More information about the Info-cyrus mailing list