On Thu, Apr 22, 2010 at 10:43 AM, Rainer Frey rainer.frey@inxmail.de wrote:
If you can't wait for Dovecot 2.0, you need to use dovecot deliver, but you should set it up as a pipe transport in master - see http://wiki.dovecot.org/LDA/Postfix for virtual users. mailbox_command again is for real system users only.
Basically what I expect to be doing is:
Postfix listens on SMTP for incoming MX mail to local (as in virtual, not system) users.
Postfix listens on Submission, encrypted only, and authenticates users to submit mail for delivery anywhere.
Dovecot listens on encrypted IMAPS and POP3S for user authenticated access to mailboxes.
Everything but MX to SMTP on port 25 shall be encrypted only. If I can force the use of STARTTLS on the non-encrypted ports, then it would be OK to use them that way. But I do not want to give any user an option to not be encrypted.
Passwords stored encrypted, such as MD5. And it should be a scheme that both Postfix and Dovecot can use so I don't have to keep two different encryption schemes.
I'd prefer not to, but it looks like I will have to copy data from one format to another format so Dovecot can read it and Postfix can read it. I will most likely be using the CDB format (the constant database file format from Dan Bernstein ... which I'd think should be easy enough for a future version of Dovecot to support).
I am wondering if I can trick Postfix into reading virtual user info by running it chrooted where I substitute /etc/passwd and /etc/shadow with stuff I generate from Dovecot files.
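The layout described in this message, sketched as configuration fragments (an added example, not part of the original post or of either project's documentation). It assumes Postfix 2.3 or later, Dovecot 1.2, TLS certificates already configured on both sides, and a hypothetical `vmail` account and `deliver` path; with `smtpd_sasl_type=dovecot` Postfix passes credential checks to Dovecot, so only Dovecot's password database and scheme are involved in authentication.

```conf
# --- /etc/postfix/master.cf ---
# Port 25 keeps the stock "smtp inet ... smtpd" entry: MX mail, TLS optional.
# Port 587: STARTTLS mandatory, AUTH offered only after TLS, and
# nothing accepted from clients that have not authenticated.
submission inet n       -       n       -       -       smtpd
  -o smtpd_tls_security_level=encrypt
  -o smtpd_tls_auth_only=yes
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_sasl_type=dovecot
  -o smtpd_sasl_path=private/auth
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject

# Delivery to virtual users through dovecot deliver as a pipe transport.
# Assumption: the vmail user/group and the deliver path; adjust to the install.
dovecot   unix  -       n       n       -       -       pipe
  flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${recipient}

# --- /etc/postfix/main.cf ---
virtual_transport = dovecot
dovecot_destination_recipient_limit = 1

# --- dovecot.conf (Dovecot 1.2 syntax) ---
# Only the implicit-TLS listeners are enabled; ssl = required also forces
# STARTTLS before login if the plain imap/pop3 listeners are ever added.
protocols = imaps pop3s
ssl = required
disable_plaintext_auth = yes

auth default {
  mechanisms = plain login
  # Existing passdb/userdb sections stay as they are (not shown).
  # Socket that Postfix's smtpd uses for SASL, relative to its queue directory.
  socket listen {
    client {
      path = /var/spool/postfix/private/auth
      mode = 0660
      user = postfix
      group = postfix
    }
  }
}
```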