[Dovecot] virtual users

Eugene genie at geniechka.ru
Fri Jul 12 12:12:58 EEST 2013


Hello Gab,

well the most attractive feature of virtual users is ease of administration. 
Adding a new domain and user is a matter of adding a couple of text lines 
(if using simplest text-based user databases), mail users do not litter the 
system user space, you do not expose system access to mail-only users, you 
don't have to create and manage email-to-sysuser mapping, each user logins 
simply by his/her email address, mail storage is separated from system home 
dir, etc...

In fact it is more convenient and consistent to use virtual mailboxes even 
for system users (e.g. admin), just add an alias root -> user at domain.zz
(Naturally system password and mail password are independent so they can be 
different for added security).

Of course in simplest form all virtual users use one system account but 
exploiting this would require circumventing Dovecot security which is pretty 
high. Also at most it would get access to other accounts' mail, not other 
system access.

Migration is really quite easy, actually I just created the virtual user 
infrastructure (postfix + dovecot) and then simply copied each Maildir 
directory from ~user/ to ~vmail/user at domain.zz/

Best wishes
Eugene

-----Original Message----- 
From: Gab IIpop
Sent: Thursday, July 11, 2013 5:31 PM
To: dovecot at dovecot.org
Subject: [Dovecot] (no subject)

>From the documentation, virtual users seem like a good idea if you plan on
having a lot of users. Although I'm wondering about the following:

What other benefits/consequences are there to using virtual over system
users and vice versa?

Will virtual users have the same protection as system users (system users
would use linux permissions, which is pretty secure)?

How easy will it be to switch from using system users to virtual users or
vice versa? 



More information about the dovecot mailing list