[Novalug] Virtual vs real users and domains when setting up an Email Server

James Ewing Cottrell 3rd JECottrell3@Comcast.NET
Tue Jul 27 15:54:42 EDT 2010


Good article. One slight tweak. The spam assassin, as well as any other 
control files can't be in the "user"s "home directory", as there are 
(often) no "users". However, the closest thing to a "home directory" 
might be the top level of the mailbox, the one that contains the "new" 
and "cur" directories in a maildir structure. Index files are often 
stored here too.

JIM

On 7/27/2010 1:42 AM, John Franklin wrote:
> On Jul 26, 2010, at 8:17 PM, Jay Hart wrote:
>
>    
>> Many of the procedures I'm seeing on the web for setting up email servers seem
>> to be to use virtual users and domains. See
>> [snip]
>>      
> I run a mail server like this, although not scaled up to the level of 300k users.  More like 30.
>
>    
>> What I need to know:
>>
>> 1. How is the mail stored on the box?
>>      
> However you like.  You can use mbox, or maildir or maildir+ or whatever formats are supported by Postfix and Dovecot (or whatever other IMAP server you choose.)
>
>    
>> 2. Is it viewable by editor?
>>      
> Real vs virtual users does not alter the way the mail is stored.  It may alter the UID of the files holding the mail.  Each user is given a mailbox home (a directory for Maildir, probably also a directory for mbox but I haven't tried) and a UID that will be the owner of that home.  The same UID can own all the mailboxes, only the mailboxes of a subset of users, or one UID per user, as you like.  Two users with the same UID should not be able to see each other's mail because they will be pointed to different mailbox home directories.
>
> How you allocate the UIDs is your business.  It could be one UID per domain, it could be one UID per office or department, or one UID for surnames A through H, another for I through R, and a third for S through Z.  The user record includes the UID & GID, the username (usually foo@example.com, but can be foo), and the mail home directory (e.g., /var/spool/mail/example.org/foo/).
>
>    
>> 3. Should I stick with my current model?  (It seems to work just fine)
>>      
> Depends.  Were you arguing for or against LVM in The Other Thread? You can look at this as the LVM of the mail world as it gives you the flexibility to add a lot of domains and users well beyond the limits of the system's UID size and without giving them anything close to shell access.
>
> If you do have a large scale operation (or just like redundancy), then the master-slave relationship between your database servers means an update at the head becomes a new user on all the boxes as soon as the transaction is replicated.  The mail server only needs to read from the DB, it never (IIRC) writes to it.
>
>    
>> 4. How is spam handled/removed?
>>      
> By the mail server / milters / whatever in an identical manner to the system account model.  The .spamassassin directory obviously can't be in the user's home directory that they don't have.  I set up a system-wide one owned by spamd rather than a per-user one.
>
>    
>> I only have three users on my system, it's not like I need an industrial
>> strength solution.
>>      
>
> Probably not, but then most of us don't need LVM on our desktops, either.
>
> jf

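An audit of virtual-user records along the lines discussed in this thread, added here as an example and not code from either poster. It assumes records in Dovecot's passwd-file layout (user:password:uid:gid:gecos:home:shell:extra), a /var/spool/mail base and a UID floor of 1000; the sample records are constructed. It reports which users share a UID, since for those the separation between mailboxes comes from the mail server's home mapping rather than from file ownership.

```python
import posixpath
from collections import defaultdict

# Constructed sample records (not from the thread), passwd-file layout:
# user:password:uid:gid:gecos:home:shell:extra
SAMPLE = """\
foo@example.org:x:5000:5000::/var/spool/mail/example.org/foo/::
bar@example.org:x:5000:5000::/var/spool/mail/example.org/bar/::
baz@example.net:x:5001:5001::/var/spool/mail/example.net/baz/::
ops@example.net:x:0:0::/var/spool/mail/example.net/ops/::
eve@example.net:x:5001:5001::/var/spool/mail/example.net/baz/archive/::
mal@example.net:x:5001:5001::/var/spool/mail/../../home/mal/::
"""

MAIL_ROOT = "/var/spool/mail"  # assumed base, matching the thread's example path
MIN_UID = 1000                 # assumed floor; lower UIDs are system accounts

def audit(text, root=MAIL_ROOT, min_uid=MIN_UID):
    """Return (findings, shared): findings are (kind, user, detail) tuples,
    shared maps each UID that owns several mailboxes to its users."""
    findings, homes, by_uid = [], {}, defaultdict(list)
    for line in text.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) < 6 or not fields[2].isdigit():
            findings.append(("malformed", fields[0], line))
            continue
        user, uid = fields[0], int(fields[2])
        home = posixpath.normpath(fields[5])  # collapses "../" and trailing "/"
        if uid < min_uid:
            findings.append(("system-uid", user, str(uid)))
        if not home.startswith(root + "/"):
            findings.append(("outside-root", user, home))
        # A home nested inside another user's home exposes one mailbox to the other.
        for other, other_home in homes.items():
            a, b = home + "/", other_home + "/"
            if a.startswith(b) or b.startswith(a):
                findings.append(("overlapping-home", user, other))
        homes[user] = home
        by_uid[uid].append(user)
    shared = {uid: users for uid, users in by_uid.items() if len(users) > 1}
    return findings, shared

if __name__ == "__main__":
    for finding in audit(SAMPLE)[0]:
        print(finding)
```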