On Tue, 04 Feb 2003, nate wrote: > to use, flexible etc. That said, I took a look at possibly replacing > my cyrus 1.5 with a new cyrus 2.0 or 2.1?? from the unofficial debs
Use my *official* debs. Duh. The ones for woody are official, they just are not shipped with woody :-P sid includes cyrus 1.5 (deprecated upstream) and cyrus 2.1. 2.2 is comming in one month or so. Woody (debian 3.0) has official debs of 1.5 (shipped by Debian), and 2.1 (shipped by me, at http://people.debian.org/~hmh). > and it just looks horrible to me. All this sasl crap, incompadiblities Cyrus 1.5 also has SASL problems. Anyway, Cyrus 2.1 will do LDAP auth very easily, as long as it is against an open-ldap server (there is no need to muck around with PAM to do that, then). I use it here, and it doesn't even glitch. SASL doesn't document it well enough, but saslauthd will talk to slapd (from openldap) trivially if configured to do so. > with LDAP authentication, and the complex install process/configure > process gives it more then 3 strikes in my book. So if/when I decide > to move on it will be to courier. Have a look on the new docs in cyrus21-docs, they might change your mind. Or not. SASL is a bitch to configure if you need to do anything fancy with it. > > + Given that there are no local users, how do they authenticate to > > access their email via IMAP? SASL gives you a auth database that can be local (using the /etc/sasldb2 file, and maintained by the saslpasswd2 utility), or through PAM (so it can be made to use the same user database as the system itself, if you want), or directly to LDAP. > I use LDAP authentication via PAM. I have extensive documentation on > how to setup & deploy such authentication at my LDAP site: > http://howto.aphroland.de/HOWTO/LDAP That will work well for SASL1.5. For SASL2 it is a bit different, since it is best NOT to use PAM then. [ skip Cyrus 1.5 reconstruct process ] Cyrus 2.1 does such stuff mostly the same way. > I haven't tried courier myself yet so can't reccomend for or against > it, I hear it's good, I plan to investigate it further, but for me > at least cyrus 2.x is a real bad solution. It seems flaky & has stupid > dependencies on sasl(I can understand offering support for sasl but > don't force it). Heh. The people who write Cyrus write SASL. Why should they do their work twice? The main problem with SASL is that it requires a bit of experimentation to get it right, and you NEED to read ALL the docs, since there are preciously few of them :( Cyrus 2 is anything but flaky... I am not really sure it is as stable as 1.5, but it has fewer security issues, and a lot more features. > if you use squirrelmail for webmail I reccomend installing php4-apc > it improves SM performance by about 20x on my system. Nice hint. I will try that one. -- "One disk to rule them all, One disk to find them. One disk to bring them all and in the darkness grind them. In the Land of Redmond where the shadows lie." -- The Silicon Valley Tarot Henrique Holschuh -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
