Moving from single to multi-domain. Mailboxes from default domain not being the same as before

ellie timoney ellie at fastmail.com
Thu Jul 5 23:10:48 EDT 2018 

Hi,

The "defaultdomain" is the domain that's assumed by Cyrus for users that
are uid only.  Any other domain needs to be explicitly specified in the
user (this applies to login, delivery, etc).  So, if you have:
      defaultdomain: foo.com

then "user" and "user at foo.com" are the same account (and can login using
either variation), but "user at bar.com" is some other account and can only
login as "user at bar.com".
It's not clear to me how you wish to use the extra domains.  Do you want
your existing users to be able to send/receive from multiple different
domains?  (e.g. user "anne" has both email addresses "anne at foo.com",
"anne at bar.com").
Or do you want accounts in different domains to be not related to each
other? (e.g. "anne at foo.com" and "anne at bar.com" aretwo totally different accounts)

In either case, I would think about having one LDAP attribute (single-
value, unique) to represent a user's "primary" email address, and a
separate LDAP attribute (multi-value, unique) to represent their
"aliases".  You would set up Cyrus to only consider the "primary"
attribute, and then set up your SMTP server to deliver email destined
for "alias" addresses to  the "primary" address for the matching
account.  I believe this is a common enough configuration that it
shouldn't be hard to find information online.  I have managed (non-
Cyrus) systems that worked like this in the past, but it was a long time
ago so I can't offer much specific help.
As for autocreate, it is not  compiled in by default, it needs to be
turned on at build time with the --enable-autocreate argument to
configure.  If you installed Cyrus from a distribution, your
distribution may have done this for you.
If you don't want to recompile to remove the feature, you can control it
using the autocreate_* options in imapd.conf (see man imapd.conf.5).
For example you should be able to use "autocreate_users" to limit it
only to certain LDAP groups rather than every valid login (if that is
useful to you).
But if you set up your LDAP directory and Cyrus such that each user only
has a single "primary" email address that they can use in Cyrus, and map
delivery to aliases outside of Cyrus, then people won't be able to login
with the "wrong" alias, and therefore autocreate won't accidentally make
new accounts for them. :)
Cheers,

ellie

On Fri, Jul 6, 2018, at 2:42 AM, Heiler Bemerguy via Info-cyrus wrote:
> Hi,


> Yeah "virtdomains" is set to "userid". The "defaultdomain" was
> commented out. By setting it to "ourcompany.com.br", it prevented the
> creation of another mailbox inside "domain/o/ourcompany.com.br"
> sucessfully, thanks.> But now I got another problem. We used to have other "default" domains
> like that. Like "companyalias.com.br", "companyalias2.com.br"... So is
> there a way to use *more than one* "defaultdomain", to block the
> creation of redundant mailboxes..?> 
> Em 04/07/2018 11:48, Vladislav Kurz escreveu:
>> On 07/04/18 16:37, Heiler Bemerguy via Info-cyrus wrote:
>>
>>> *The problem is:* When I authenticate with @ourcompany.com.br, it
>>> auto-creates *another *mailbox (//var/spool/cyrus/mail/domain/o/our-
>>> company.com.br/h/user/heiler^bemerguy//).  As the
>>> "ourcompany.com.br" is the default domain, it would be better (and a
>>> lot less troublesome) if it continued to use the old
>>> "//var/spool/cyrus/mail/h/user/heiler^bemerguy" /mailbox/./ *Is it
>>> possible*?
>>>
>> Did you set imapd.conf properly? Try this:  virtdomains: userid
>> defaultdomain: ourcompany.com.br  We used that when moving to
>> multidomain system, but we used SASLDB as backend (not LDAP).

>>> 
> 
> ----
> Cyrus Home Page: http://www.cyrusimap.org/
> List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/> To Unsubscribe:
> https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20180706/fe97c85b/attachment.html>

More information about the Info-cyrus mailing list