[Dovecot] dovecot and AFS SOLVED
frank+lists/dovecot at linetwo.net
Wed Feb 10 17:41:20 EET 2010
IP-based access is totally fine if that part of your network is
physically secure. It sure solves a lot of headaches.
On 2/10/10 10:22 AM +0100 Per-Erik Persson wrote:
> Well, what you describe would be the correct and security aware way of
> doing it.
> However since I am still testing i just did it the quick and dirty way.
> By adding the IP of the server handling the maildeliveries to the group
> called mail-writers which has permissions on every users Maildir.
> Something like "pts adduser 22.214.171.124 mail-writers" if I remeber correctly.
> In theory this would decrease the load on the kdc and the afs server, but
> in practice I don't know if it would be possible to measure a difference.
> On 02/10/2010 09:56 AM, Steffen Kaiser wrote:
>> On Wed, 10 Feb 2010, Per-Erik Persson wrote:
>>> I now have dovecots deliver (1.1.?)up and running and delivering
>>> mails to maildirs located on the AFS
>>> So if anyone is wondering, I would say that AFS works as a backend
>>> for storing emails without any ugly patches.
>> Do you have a local keytab and use an kerberos account, that may write
>> to any AFS volume, in order to run deliver?
More information about the dovecot