["Followup-To:" header set to comp.unix.bsd.freebsd.misc.]
On 2005-03-17, Madhusudan Singh wrote:
> Hi
>
> I am configuring my first proper mailserver for a small group (10-15) of
> people. Nearly all of these users will be using M$ outlook to read their
> email via imaps (I am trying out dovecot) and send email via smtps.
>
> Now, how does a windows user who does not have a unix passwd style account
> on the machine that runs the mailserver authenticate? How do I set up
> their passwords and give them the ability to change those passwords?
>
> Thanks.
What you're looking for is a solution using virtual accounts. How you go about
it is largely up to you - several solutions are possible. You use a user:group
which owns all the mail directories but has no password/shell so can't directly
log in. I'm not familiar with dovecot, but usually logging in to IMAP occurs in
stages - when the user initially connects a simple daemon gets his username and
password (it only knows a few IMAP commands) and then passes these values to an
authentication process. It's this process (which may be part of your base IMAP
install or may be something you wrote yourself which understands how your system
works) that will look up the username and password then, if login is allowed, it
passes the path to the mailbox, uid:gid, and any other relevant information (via
environment/command line) to the real IMAP server which is now launched. The
server switches user, changes path to the mailbox, and off it goes.
So, you can have usernames and passwords in a simple text file, in an LDAP or
SQL database, or anywhere else which suits your needs. Most IMAP implementations
will come with some form of virtual user support built-in. If you host more than
one domain you can have a different virtual user for each domain, or have them
all under a single account. If your IMAP server doesn't support virtual accounts
then you can't do things this way.
-Adrian
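
The authentication stage described in the reply above, as an added example that is not part of the original post and is not code from dovecot or any other IMAP server. The file layout, the MAIL_* variable names, the paths and the sample users are assumptions made for illustration.

```python
import hashlib
import hmac

ITERATIONS = 100_000  # PBKDF2 work factor (assumed value for this example)

def hash_password(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS).hex()

def make_entry(login, password, salt_hex, uid, gid, maildir):
    # Hypothetical file layout: login:salt:hash:uid:gid:maildir
    digest = hash_password(password, bytes.fromhex(salt_hex))
    return f"{login}:{salt_hex}:{digest}:{uid}:{gid}:{maildir}"

# Constructed sample data: every mailbox is owned by one unprivileged
# uid:gid (5000:5000) that has no password or shell of its own.
SAMPLE_DB = "\n".join([
    make_entry("alice", "correct horse", "a1" * 16, 5000, 5000, "/var/vmail/alice"),
    make_entry("bob", "battery staple", "b2" * 16, 5000, 5000, "/var/vmail/bob"),
    make_entry("oops", "misconfigured", "c3" * 16, 0, 0, "/root"),
])

def load_users(text):
    users = {}
    for line in text.splitlines():
        if line.strip() and not line.startswith("#"):
            login, salt, digest, uid, gid, maildir = line.strip().split(":")
            users[login] = (bytes.fromhex(salt), digest, int(uid), int(gid), maildir)
    return users

DUMMY = (b"\x00" * 16, "0" * 64, -1, -1, "")  # used for unknown logins

def authenticate(users, login, password):
    """Return the environment handed to the real IMAP server, or None."""
    salt, digest, uid, gid, maildir = users.get(login, DUMMY)
    # Hash even for unknown logins so both failure paths cost the same.
    candidate = hash_password(password, salt)
    if not (hmac.compare_digest(candidate, digest) and login in users):
        return None
    if uid <= 0 or gid <= 0:  # never hand a session to root
        return None
    # Hypothetical variable names; a real server documents its own.
    return {"MAIL_USER": login, "MAIL_HOME": maildir,
            "MAIL_UID": str(uid), "MAIL_GID": str(gid)}

USERS = load_users(SAMPLE_DB)
```

The file stores only salted hashes, so a password-change tool for the Windows users only has to rewrite one line with a fresh salt and hash.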