Sorry Jim if you do not use the second method I suggested to be able to
create the mailbox in cyradm all you have to do is:
cm user/[EMAIL PROTECTED] (if you are using unixhierarchysep)
or cm [EMAIL PROTECTED] (if you are not using the unixhierarchysep)
Thinking about it there is a script online somewhere that will take a
tab delimted file input in the format username password and create
mailboxes and passwords for Cyrus (I hacked it to delete mailboxes from
cyrus and sasldb2 because of changing accounts which is when I quickly
realised the admin was a pain when there was a database alternative -
something else to post somewhere one day)
Regards
SJM
Stuart Morrison wrote:
Jim
Add the following lines to your imapd.conf (can leave out the comments)
#this says turn on virtual domains and use the user input to decide
which domain the user is in (I think from memory)
virtdomains: userid
#you need to state which domains you will accept mail for
loginrealms: domain1 domain2 domain3 sub1.domain1 sub2.domain1
sub1.domain2 sub2.domain2
If you are creating users using saslpasswd2 see man saslpaswd2 to
create users in their own domain e.g.
saslpasswd -c joe -u domain1
I started out using sasldb2 authentication with virtual domains and
quickly realised that using a MSQL backend was much easier in the
longer term.
You do not mention what OS you are using but the basics of what I have
done are quite well documented (man imapd.conf is a very good source
of information).
If you want to explore MySQL backends:
For Fedora/Red Hat installs:
1) install pam_mysql.rpm
2) in /etc/sysconfig/saslauthd change the MECH to pam
3) edit /etc/pam.d/imap to include the details of your MySQL database
(web-cyradm contains scripts for creating a suitable database and
some quite good other advice about setup and looking at other posts
there is a patch for FQUN - I hacked it myself to work - I would not
really know how to release a patch). I have attached a copy of my
imap file (I can also authenticate exim with pam so I think you should
be able to do the same with Postfix if you are interested in that)
4) edit your /etc/imapd.conf (see man imapd.conf for detailed
descriptions - I have attached an annotated copy of mine to help you
along the way).
Hope this helps
Regards
sjm
Jim Norton wrote:
Ok I need to clarify.
I don't have a "joe" mailbox yet. I would like to be able to have two
"joe" mailboxes called for example: [EMAIL PROTECTED] and
[EMAIL PROTECTED]
In my current usage of Cyrus IMAP I've not been able to do this
because I've been creating users with a command like cm user.joe
..... Without the FQUN.
Then through the Postfix config files I tell Postfix which virtual
domain joe belongs to.
So currently "joe" can only exist in one virtual domain.
My question is how do I go about setting up users in Cyrus IMAP and
Cyrus SASL so that I "could" have a user "joe" in multiple virtual
domains?
Thanks for the replies everybody...
Quoting "S. J. Morrison" <[EMAIL PROTECTED]>:
-----Original Message-----
From: "Ciprian Vizitiu" <[EMAIL PROTECTED]>
To: info-cyrus@lists.andrew.cmu.edu
Sent: 08/04/06 10:50
Subject: RE: Virtual domains and [EMAIL PROTECTED] and [EMAIL PROTECTED]
I have TWO joes(s) in TWO different domains but they "live on the same
IMAP box... Because I'm using Cyrus IMAP the users mailboxes aren't
mapped to system accounts so Postfix just passes any mail to unknown
"non-system accounts" on to Cyrus for delivery. So the question
becomes how do I enable such a setup so that Cyrus will deliver the
mail to the correct mailbox?
OK you had one Joe on one domain and he was receiving mail fine.
You added
another Joe to another domain and now all mail goes to one of the
Joes. It
sounds like as Ciprian said it is an MTA issue. Postfix is
stripping the
FQDN before passing mail on to Cyrus.
Since he said that users to not exist as users on the underlying
machine to
me it looks like "virtual" and/or "virtual_mailbox" in Postfix. Simply
create a different joe say joesmith as a mbox on Cyrus and split
delivery in
Postfix via "virtual_mailbox" mechanism. But then obviously I'm no
Cyrus
guru, most likely it can also be done in a "pure Cyrus way".
Hi
I mentioned I do not use Postfix (I found Exim more suitable for me
- and although there is not a howto like the postfix one there is
very good docs on exim.org). When creating users in Cyrus using
sasl the domain can be specified meaning they are distinct. If a
MTA strips the domain from an email address and passess it Cyrus
will add the default domain to the user. This is the impression of
the problem I got from Jim's posts although if he has managed to
have mail delivered to virtual domains already this does not quite
make sense - basically if Cyrus is already delivering to multiple
domains I cannot see why there is a problem with users with the same
name before the @ in an email address (unless there is something
particular in Jim's configuration). Hope this is of some help to
Jim - if not let us have a look at imapd.conf and I might be able to
suggest something else.
Regards
sjm
----
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
----
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
------------------------------------------------------------------------
configdirectory: /var/lib/imap
partition-default: /var/spool/imap
#a couple of admins for everybody and admins for each domain
admins: username1 username2 [EMAIL PROTECTED] [EMAIL PROTECTED]
sievedir: /var/lib/imap/sieve
sendmail: /usr/sbin/sendmail.exim
hashimapspool: true
sasl_pwcheck_method: saslauthd
allowplaintext: yes
#This is not an internet facing server so PLAIN is acceptable
sasl_mech_list: PLAIN
sasl_sql_user: MySQL user
sasl_sql_passwd: MySQL pass
sasl_sql_hostnames: MySQL hostname
sasl_sql_database: MySQL database name
#The MySQL query that works for me!
sasl_sql_select: select password from accountuser where username = '%u%r'
#sasl_mech_list: DIGEST-MD5
#pwcheck_method: pam
#enable the following so that usernames can include dots
unixhierarchysep: true
servername: mail.teachers.uk.net
#if mail comes without FQDN the following is appended
defaultdomain: mail.teachers.uk.net
#virtdomains: on
#this says turn on virtual domains and use the user input to decide which
domain the user is in (I think from memory)
virtdomains: userid
#you need to state which domains you will accept mail for
loginrealms: domain1 domain2 domain3 sub1.domain1 sub2.domain1 sub1.domain2
sub2.domain2
tls_cert_file: /usr/share/ssl/certs/CA/cyrus-imapd.pem
tls_key_file: /usr/share/ssl/certs/private/cyrus-imapd.pem
tls_ca_file: /usr/share/ssl/certs/CA/private/cakey.pem
------------------------------------------------------------------------
#%PAM-1.0
# Mail services
auth sufficient /lib64/security/pam_mysql.so user=MySQL user
passwd=MySQL password host=MySQL host db=MySQL database table=username_table
usercolumn=username_field passwdcolumn=password_field
#auth sufficient /lib64/security/pam_unix_auth.so
account required /lib64/security/pam_mysql.so user=MySQL user
passwd=MySQL password host=MySQL host db=MySQL database table=username_table
usercolumn=username_field passwdcolumn=password_field
auth required /lib64/security/pam_warn.so
account required /lib64/security/pam_warn.so
#auth required /lib/security/pam_debug.so
#account required /lib/security/pam_debug.so
#account required /lib/security/pam_permit.so
#account sufficient /lib/security/pam_unix_acct.so
------------------------------------------------------------------------
----
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
----
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
