John,

Thanks.  It makes sense now.  It was an issue of my limited
understanding of LDAP and how its trees are designed.  If I
need further help on this I'll bother you privately since
this is no longer a Cyrus issue.

Thanks for your help.

Marius


-----Original Message-----
From: John C. Amodeo [mailto:[EMAIL PROTECTED]]
Sent: Friday, April 27, 2001 8:59 AM
To: Tegomoh, Marius N.
Cc: [EMAIL PROTECTED]
Subject: Re: Virtual Domain Implementation (example)


Marius,

We use standard DNS, not DNS entries in LDAP or anything like that.

I assume (I could be wrong - someone help me out...) that your LDAP
directory structure would be completely independent of your DNS
registrations.  If you had 2 domains registered to your organization, you
could have 2 Cyrus/Postfix combos installed on 1 physical server, where your
LDAP tree looks something like this (LDAP can be running on any
machine...):

o=LDAPadmin (or whatever)
    ou=MailDomains (or whatever)
        ou=Acme
            miller
            smith
        ou=Rutgers
            miller
            smith

Now, let's assume you have "email.acme.com" registered for the Acme domain
and "email.rutgers.edu" registered for the Rutgers domain.  In your DNS
data, all mail for "acme.com" will be handled by "email.acme.com" and all
mail for "rutgers.edu" will be handled by "email.rutgers.edu".  As long as
Postfix or Sendmail is configured to accept mail for their respective
domains, if you send to "[EMAIL PROTECTED]", the message should get dropped to
"[EMAIL PROTECTED]".

At this point, the only purpose your LDAP directory serves is for account
authentication (storage container just for usernames and passwords...).  You
can make the structure look any way you want.  You don't even need to
reference the domains at all - as long as you know the users for domain "A"
are at this basedn, and users for domain "B" are at this basedn, just
configure each imapd.conf's sasl configuration to point to that location.

In my example, all I am using LDAP for is <username> <password>.  The mail
server or the LDAP server does not care whether or not you are using domains
or subdomains.


-John
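
The per-domain base DN layout described in the message above, as an added example that is not part of the original thread and is not Cyrus or SASL code. The "uid" naming attribute, the in-memory DIRECTORY standing in for the LDAP server, the helper names and the passwords are all assumptions made for illustration.

```python
import hashlib, hmac, os

ACME = "ou=Acme,ou=MailDomains,o=LDAPadmin"
RUTGERS = "ou=Rutgers,ou=MailDomains,o=LDAPadmin"
DIRECTORY = {}  # constructed stand-in for the LDAP server: DN -> (salt, hash)

def _hash(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def escape_rdn_value(value):
    """Escape RFC 4514 special characters so a login name stays one RDN value."""
    out = []
    for i, ch in enumerate(value):
        if ch in '"+,;<>\\' or (i == 0 and ch in "# ") or (i == len(value) - 1 and ch == " "):
            out.append("\\" + ch)
        elif ch == "\x00":
            out.append("\\00")
        else:
            out.append(ch)
    return "".join(out)

def user_dn(base_dn, uid):
    # "uid" as the naming attribute is an assumption; the message does not name one.
    return f"uid={escape_rdn_value(uid)},{base_dn}".lower()

def add_user(base_dn, uid, password):
    salt = os.urandom(16)
    DIRECTORY[user_dn(base_dn, uid)] = (salt, _hash(password, salt))

class MailInstance:
    """One Cyrus/Postfix combo; it only ever looks under its own base DN."""
    def __init__(self, base_dn):
        self.base_dn = base_dn

    def authenticate(self, uid, password):
        entry = DIRECTORY.get(user_dn(self.base_dn, uid))
        if entry is None:
            return False
        salt, stored = entry
        return hmac.compare_digest(stored, _hash(password, salt))

# Constructed accounts: the same login names under both domains, different passwords.
for base, suffix in ((ACME, "acme"), (RUTGERS, "rutgers")):
    for uid in ("miller", "smith"):
        add_user(base, uid, f"{uid}-{suffix}-pw")

acme, rutgers = MailInstance(ACME), MailInstance(RUTGERS)

if __name__ == "__main__":
    print(acme.authenticate("miller", "miller-acme-pw"))     # own subtree
    print(rutgers.authenticate("miller", "miller-acme-pw"))  # other domain's password
```

Because each instance is bound to a single base DN, "miller" at Acme and "miller" at Rutgers are separate accounts even though the login names are identical.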
