On 2.12.2011, at 1.03, Sven Hartge wrote:
Timo Sirainen <tss@iki.fi> wrote:
On 2.12.2011, at 0.41, Sven Hartge wrote:
Or switch to a virtual setup, where the users don't get real users on the imap server (they can't log in, so they don't need any real user on that server) and every mail is owned by your virtual mail user.
Well, it of course makes things easier, but from a security point of view it's worse..
Of course. But using real users only works if every user is a PosixUser in LDAP (i.e. has a uidNumber and gidNumber). If this is not the case, then you are forced to use a virtual mail user setup.
Currently at least. This could be automated in a few ways.. Like simplest: uid = 1000 + md5sum(username) mod 64000. That won't necessarily be unique of course, but it's still better than mod 1. :)
I hope some day there won't be any problems with Dovecot using multiple UIDs.
Meaning?
There are different problems with multiple UIDs that are more difficult to solve than with a single UID. How to manage them, how to handle shared mailboxes, how to create home dirs automatically, probably other things. There are ways to solve these problems in one way or another.
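
Added example, not part of the thread: the hash-derived UID idea from the message above, with the collision check a deployment would need, since two users whose names hash to the same UID can read each other's mail files. Reading the MD5 digest as one big-endian integer and the helper names are assumptions; the message only gives the formula.

```python
import hashlib
from collections import defaultdict

UID_BASE = 1000    # from the formula in the message
UID_SPAN = 64000   # from the formula in the message

def derive_uid(username: str) -> int:
    # Assumption: the MD5 digest of the UTF-8 username is read as one
    # big-endian integer; the message does not say how to reduce it.
    digest = hashlib.md5(username.encode("utf-8")).digest()
    return UID_BASE + int.from_bytes(digest, "big") % UID_SPAN

def find_collisions(usernames):
    """Return {uid: [usernames]} for every UID derived by more than one user."""
    by_uid = defaultdict(list)
    for name in usernames:
        by_uid[derive_uid(name)].append(name)
    return {uid: names for uid, names in by_uid.items() if len(names) > 1}

def collision_probability(n_users: int) -> float:
    """Birthday bound: chance that at least two of n_users share a UID."""
    p_unique = 1.0
    for i in range(n_users):
        p_unique *= (UID_SPAN - i) / UID_SPAN
    return 1.0 - p_unique

def assign_uids(usernames):
    """Derive UIDs, refusing to provision if any two users would share one."""
    clashes = find_collisions(usernames)
    if clashes:
        raise ValueError(f"UID collisions, resolve manually: {clashes}")
    return {name: derive_uid(name) for name in usernames}

if __name__ == "__main__":
    users = [f"user{i}" for i in range(2000)]  # constructed sample accounts
    print("P(collision) at 300 users:", round(collision_probability(300), 3))
    for uid, names in sorted(find_collisions(users).items()):
        print(uid, names)
```

With only 64000 slots, a collision becomes more likely than not at around 300 accounts, so the derived UID needs a uniqueness check or a stored override before it is used for provisioning.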