Re: Virtual users or system users for a mail server
Marc Aymerich <email@example.com> wrote:
> Everybody seems to be configuring their mail server using virtual
> users instead of the traditional system user approach.
> I find system users easy to configure and even more secure, since IMAP
> and POP3 processes can run under the system user account (of course
> disabling shell access).
> I keep wondering if perhaps I'm missing some interesting advantage of
> using virtual user accounts?
> Anyone like to comment on this?
Supporting IMAP shared folders with seperate users is a major pain in
the lower back. This only really works painless if you only use one user
for the mails on the mail-server and and IMAP ACLs on top of that.
Also it allows you to support multiple domains without having to worry
about username collisions.
Third point: I don't have to add any NSS providers like libnss-ldapd or
libnss-mysql to my mail-servers, only the mail handling daemons (exim4,
postfix, dovecot) need to know the users. This reduces the complexity in
a bigger system quite a bit.
Sigmentation fault. Core dumped.