Jim
Add the following lines to your imapd.conf (can leave out the comments)
#this says turn on virtual domains and use the user input to decide
which domain the user is in (I think from memory)
virtdomains: userid
#you need to state which domains you will accept mail for
loginrealms: domain1 domain2 domain3 sub1.domain1 sub2.domain1
sub1.domain2 sub2.domain2
If you are creating users using saslpasswd2 see man saslpaswd2 to create
users in their own domain e.g.
saslpasswd -c joe -u domain1
I started out using sasldb2 authentication with virtual domains and
quickly realised that using a MSQL backend was much easier in the longer
term.
You do not mention what OS you are using but the basics of what I have
done are quite well documented (man imapd.conf is a very good source of
information).
If you want to explore MySQL backends:
For Fedora/Red Hat installs:
1) install pam_mysql.rpm
2) in /etc/sysconfig/saslauthd change the MECH to pam
3) edit /etc/pam.d/imap to include the details of your MySQL database
(web-cyradm contains scripts for creating a suitable database and some
quite good other advice about setup and looking at other posts there is
a patch for FQUN - I hacked it myself to work - I would not really know
how to release a patch). I have attached a copy of my imap file (I can
also authenticate exim with pam so I think you should be able to do the
same with Postfix if you are interested in that)
4) edit your /etc/imapd.conf (see man imapd.conf for detailed
descriptions - I have attached an annotated copy of mine to help you
along the way).
Hope this helps
Regards
sjm
Jim Norton wrote:
Ok I need to clarify.
I don't have a "joe" mailbox yet. I would like to be able to have two
"joe" mailboxes called for example: [EMAIL PROTECTED] and
[EMAIL PROTECTED]
In my current usage of Cyrus IMAP I've not been able to do this
because I've been creating users with a command like cm user.joe
..... Without the FQUN.
Then through the Postfix config files I tell Postfix which virtual
domain joe belongs to.
So currently "joe" can only exist in one virtual domain.
My question is how do I go about setting up users in Cyrus IMAP and
Cyrus SASL so that I "could" have a user "joe" in multiple virtual
domains?
Thanks for the replies everybody...
Quoting "S. J. Morrison" <[EMAIL PROTECTED]>:
-----Original Message-----
From: "Ciprian Vizitiu" <[EMAIL PROTECTED]>
To: info-cyrus@lists.andrew.cmu.edu
Sent: 08/04/06 10:50
Subject: RE: Virtual domains and [EMAIL PROTECTED] and [EMAIL PROTECTED]
I have TWO joes(s) in TWO different domains but they "live on the same
IMAP box... Because I'm using Cyrus IMAP the users mailboxes aren't
mapped to system accounts so Postfix just passes any mail to unknown
"non-system accounts" on to Cyrus for delivery. So the question
becomes how do I enable such a setup so that Cyrus will deliver the
mail to the correct mailbox?
OK you had one Joe on one domain and he was receiving mail fine. You
added
another Joe to another domain and now all mail goes to one of the
Joes. It
sounds like as Ciprian said it is an MTA issue. Postfix is stripping
the
FQDN before passing mail on to Cyrus.
Since he said that users to not exist as users on the underlying
machine to
me it looks like "virtual" and/or "virtual_mailbox" in Postfix. Simply
create a different joe say joesmith as a mbox on Cyrus and split
delivery in
Postfix via "virtual_mailbox" mechanism. But then obviously I'm no Cyrus
guru, most likely it can also be done in a "pure Cyrus way".
Hi
I mentioned I do not use Postfix (I found Exim more suitable for me -
and although there is not a howto like the postfix one there is very
good docs on exim.org). When creating users in Cyrus using sasl the
domain can be specified meaning they are distinct. If a MTA strips
the domain from an email address and passess it Cyrus will add the
default domain to the user. This is the impression of the problem I
got from Jim's posts although if he has managed to have mail
delivered to virtual domains already this does not quite make sense -
basically if Cyrus is already delivering to multiple domains I cannot
see why there is a problem with users with the same name before the @
in an email address (unless there is something particular in Jim's
configuration). Hope this is of some help to Jim - if not let us
have a look at imapd.conf and I might be able to suggest something else.
Regards
sjm
----
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
----
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
configdirectory: /var/lib/imap
partition-default: /var/spool/imap
#a couple of admins for everybody and admins for each domain
admins: username1 username2 [EMAIL PROTECTED] [EMAIL PROTECTED]
sievedir: /var/lib/imap/sieve
sendmail: /usr/sbin/sendmail.exim
hashimapspool: true
sasl_pwcheck_method: saslauthd
allowplaintext: yes
#This is not an internet facing server so PLAIN is acceptable
sasl_mech_list: PLAIN
sasl_sql_user: MySQL user
sasl_sql_passwd: MySQL pass
sasl_sql_hostnames: MySQL hostname
sasl_sql_database: MySQL database name
#The MySQL query that works for me!
sasl_sql_select: select password from accountuser where username = '%u%r'
#sasl_mech_list: DIGEST-MD5
#pwcheck_method: pam
#enable the following so that usernames can include dots
unixhierarchysep: true
servername: mail.teachers.uk.net
#if mail comes without FQDN the following is appended
defaultdomain: mail.teachers.uk.net
#virtdomains: on
#this says turn on virtual domains and use the user input to decide which
domain the user is in (I think from memory)
virtdomains: userid
#you need to state which domains you will accept mail for
loginrealms: domain1 domain2 domain3 sub1.domain1 sub2.domain1 sub1.domain2
sub2.domain2
tls_cert_file: /usr/share/ssl/certs/CA/cyrus-imapd.pem
tls_key_file: /usr/share/ssl/certs/private/cyrus-imapd.pem
tls_ca_file: /usr/share/ssl/certs/CA/private/cakey.pem
#%PAM-1.0
# Mail services
auth sufficient /lib64/security/pam_mysql.so user=MySQL user
passwd=MySQL password host=MySQL host db=MySQL database table=username_table
usercolumn=username_field passwdcolumn=password_field
#auth sufficient /lib64/security/pam_unix_auth.so
account required /lib64/security/pam_mysql.so user=MySQL user
passwd=MySQL password host=MySQL host db=MySQL database table=username_table
usercolumn=username_field passwdcolumn=password_field
auth required /lib64/security/pam_warn.so
account required /lib64/security/pam_warn.so
#auth required /lib/security/pam_debug.so
#account required /lib/security/pam_debug.so
#account required /lib/security/pam_permit.so
#account sufficient /lib/security/pam_unix_acct.so
----
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
