-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
David wrote:
I'm seeking a small IMAP server, and dovecat was recommended by those more savvy than me. (The sign on my monitor is "My programming language is solder..") so I'll be getting help to deploy this, but first...
I've read through the wiki docs but still have questions, ones likely too obvious for most readers....
There will be <100 users, the platform will Debian, and I need IMAP/PO over SSL/TSL and locally-hosted Squirrelmail [unless someone has a better webmail client...]. Other boxes here run postfix, so that is a first choice.
I don't use postfix, but I have basically the same setup using dovecot.
Clients will be Eudora, maybe TBird/Apple mail; no M$ Outlook.
A) I need multi-domain support, with joe@xyz.com and joy@qbc.net being separate users.
although I personally don't do this (for lack of need, really), it should be doable. You'll want to make sure that whatever back-end you're using for postfix to support multi-domains is configured appropriately for dovecot as well. (for example, if you're using LDAP or MySQL backend for virtual user support in postfix, you'll want to use the same for dovecot) someone with more experience in this should probably offer more details.
B) I have a problem with storage-abusers & really want the carrot-stick quota system my favorite ISP, Panix, has. You get N bytes {or messages, I can live with either/both} and when you get near, you get nagged until you solve it.
I personally use filesystem quotas. with this, if the user goes over quota they are no longer able to receive email. my current setup will permfail incoming mail if the system is unable to store it with an error stating "user over quota." this is my preference.
I also wrote a custom script (which is basically just like warnquota, only supports Japanese text) to run twice daily to check users' quota usage and send them email if they're over their soft limit. users over the hard limit or beyond the grace period no longer receive mail and thus don't get those nagging emails either. the script also sends a summary report to my sysadmin account.
(this specifically has nothing to do with dovecot or any other IMAP/POP server however)
When you exceed quota, you get no more incoming mail, just nagging. It's shunted aside until you make room. After D days, if it's still there, the shunted mail is returned.
if you use dovecot LDA (deliver) then this is the default (possibly non-configurable) behavior. deliver returns a TEMPFAIL if it cannot write the new mail to user's storage device. this is at least the case for filesytem quotas. if you're going to have strictly virtual users, you'll need to use something like maildir quotas which may have different behavior.
Regular reports as to who's naughty and nice would be great.
you'll likely need to write your own script(s) to do this, depending on how you implement quotas. this specifically has nothing to do with the IMAP/POP server however.
C) Password changes. How can I have user-changable pw's, with crack/sanity checking of the new ones? Do I have to have accessible shell accounts on the box for each user? [argh]
To my knowledge, dovecot (or rather, most IMAP/POP servers) does not handle password change requests. I know that early versions of Eudora had a "Change Password" option, I'm not sure if that's still there but that option is not common in modern email clients.
You'll need to choose your user management tools properly according to your needs. (i.e. do you use LDAP or MySQL for your backend database? what types of management tools are provided with each? will you have to provide your own tools? etc)
D) Spam: assume I can run spam-assassin and have it move suspected mail into a Junque mailbox; true?
this only applies to dovecot if you're using dovecot-LDA (deliver) as your local delivery agent. and only if you're using its sieve support to do server-side pre-processing of your mail. Otherwise, this is specific to your MTA/LDA
E) Non-guru creation/deletion of accounts: It appears from "Virtual Users" that this is possible via a text file, but I'm not sure...
you can use a passwd style text file as your authentication backend with dovecot, but the question is will your MTA (postfix?) support that for accepting mail? probably not. so you'll need to look at other common options (such as LDAP or MySQL) and what tools they provide for user management.
if you create system "real" users, you could use this passwd style text file solely for IMAP/POP authentication. by doing this you could prevent shell logins by having completely different passwords (or possibly just having the real account disabled while allowing authentication for IMAP/POP access separately)
It's not the cleanest solutions, but I personally just create real user accounts on my system (i don't have the need to distinguish by domains however) with a shell that prevents logins but allows IMAP/POP connections. I then use a plugin to squirrelmail to allow the users to change their passwords. As stated before, i use filesystem quotas and some custom scripts for reporting/nagging.
HTH
Alan -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFEoyshE2gsBSKjZHQRAjsLAJ4qVDR56asT5oS+L4typ5tH7pgv+QCg5OVj qVyUsxMOZ1HI9bAQU2yECpE= =9xws -----END PGP SIGNATURE-----