[POLL] Cyrus 2.2 virtdomains behavior (Was: global admin without
p.boven at chello.nl
Fri Jan 2 11:13:06 EST 2004
Hi Christos, everyone,
Christos Soulios wrote:
> Security is one thing. More than this, my opinion is that in order cyrus
> to be deployed in a true multi domain environment, and thus actually be
> used by ISPs, admins must be able to distribute the virtual domains
> according to the name of the server, users are connecting to. In such a
> multi domain environment, users have no abillity to choose their domain
> by appending a @domain to their userid.
Security is a very important thing. And security to me means encryption,
not only of the authentication phase but of the whole session. Now with
HTTPS I know you loose the ability to support virtual domains, because
the TLS session must be setup before the requested URL is transferred.
This means you can only have one hostname per IP-adres as soon as you
use SSL. Wouldn't you run into the same problem when enabling virtual
domain support on cyrus?
I've deployed several single domain cyrus servers, but am working on my
first multidomain one, with Squirrelmail via SSL on top. So the way
things look now is that the machine will have only one hostname,
imap.example.com, and that everyone logs in with their complete
email-address as the fully qualified username, either with imaps or via
https and squirrelmail.
In short: I think we should keep the ability to allow users to provide
fully qualified usernames.
Regards, Paul Boven.
More information about the Info-cyrus