Considerations for a not so simple set-up ...

[Lars Hanke]

I want to set up a new IMAP server with Dovecot, so far I've been 
running Cyrus. I'm running dovecot on Debian Jessie. The general idea of 
the system would be:

1) Virtual users, i.e. login users are disjoint from any mail accounts.
2) Real-Users authenticate using their kerberos tickets.
3) There is a n-to-n mapping of real to virtual users.
4) Maildirs shall be stored on glusterfs.
5) Fallback passwords for cloud access

Concerning 1) and 2) I keep reading that this is possible, but I could 
not find any concise and current description. I'd welcome pointers to 
howtos.

Concerning 3) this should be a matter of ACL, e.g. a single real user 
(kerberos pricipal) may have several mail-boxes (virtual users), and 
groups of real users may share the same mail-box. I have a faint idea, 
how this could be done in Cyrus (but never did that), but I read that 
these features should exist in Dovecot as well. But I'm completely lost 
to even figure out a starting point. I appreciate any keywords for 
further reading.

Concerning 4) I read that there are some issues using NFS. Are there any 
caveats when using gluster?

Concerning 5) Users logging in from outside may not have TGT on their 
notebooks, which by design should run as stand-alone. They should 
nevertheless be able to access their mail. I currently think of another 
set of real users, but anything less messy is welcome.

Did someone try something similar, already?

Thanks for your help,
  - lars.