Hi

I've not done this but dovecot should be capable of doing what you want.

Try in dovecot.conf something like:

default_mail_env = mbox:/home/example/Mail/%u

(assumes each user's INBOX is actually called INBOX, otherwise add the :INBOX= option)

That sorts out the location bit - best to chroot the imap server process and deny full filesystem access so they can't get to each other's mail.

That just leaves the authentication/userdb bit (shamelessly lifted from docs)

auth_userd = pgsql /etc/dovecot-pgsql.conf
auth_passdb = pgsql /etc/dovecot-pgsql.conf

and in dovecot-pgsql.conf: connect = host=sql.example.com dbname=virtual user=virtual password=blarg user_query = SELECT home, 501 AS uid, 501 AS gid FROM users WHERE userid = '%u' password_query = SELECT password FROM users WHERE userid = '%u' default_pass_scheme = PLAIN

The user_query = is pretty much just showing the username is valid or not and forcing the UID/GID. You *could* store the location of the mail directory as "home" the use mbox:%h instead - or in my example not bother.

I'll offer some out of band advice - if your users are fairly static, I would advise storing dovecot's user list and passwords in a flat file which can be auto-generated from Postgres regularly. It just makes it easier to take the database offline for maintenance without forcing everything to a halt. Live DB driven services are good for sites with high data turnover like portals or ISPs - giving an instant reposnse to things like a new user registering - but sometimes it's more trouble than it's worth.

We used to tie exim into postgres - but if postgres fell over for a night we got a big pile of trouble in the form of mega mail queues.

Munge that lot to fit your server/table layouts etc and common UID/GID

You have the choice of holding the plain passwd, a PLAIN-MD5, DIGEST-MD5 or a crypt version in the database. However - choose wisely based on what the mail clients will support - there's a lot of variation. Sylpheed will do PLAIN or CRAM-MD5 only. You may find that despite the obvious issues, PLAIN is the best to use as everything can use it. Or if the user's already authenticate via some other mechanism, use that if dovecot supports it.

Hope that helps.

Tim

On Tue, 20 Jul 2004 23:41:13 +0100 Rory Campbell-Lange rory@campbell-lange.net wrote:

Hi!

I'm looking forward to deploying dovecot as an IMAP server. I did some research into the various options and it looks like dovecot is the right daemon for me. I'll be using it with Exim.

I am running a few tens of users on my server, most of them small numbers of people part of a small company, e.g. example.com.

At present I have exim delivering to mbox in each virtual user's mail folder. So, for chris, john and mandy @ example.com, I have

/home/example/Mail/
    chris
    john
    mandy

All of the users in example.com run under the same uid and gid (example). I like to separate these 'virtual' users from the real system users for security reasons. I presently serve up these mboxes via teapop, which allows for per-domain configuration. I couldn't find a similar setup after a cursory read of the config file examples on the dovecot website.

I'd like some advice on how to support different non-system users under dovecot, ideally storing mail in a similar configuration to above, except (presumably?) that the user files will be under each user name? Thus:

/home/example/Mail/
    chris/
    john/
    mandy/

I may use postgresql to store user configuration data if appropriate.

Advice gratefully received. Rory

Rory Campbell-Lange rory@campbell-lange.net

-- Tim Southerwood