[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Virtual users or system users for a mail server

Marc Aymerich <glicerinu@gmail.com> wrote:

> Everybody seems to be configuring their mail server using virtual
> users instead of the traditional system user approach.

> I find system users easy to configure and even more secure, since IMAP
> and POP3 processes can run under the system user account (of course
> disabling shell access).

> I keep wondering if perhaps I'm missing some interesting advantage of
> using virtual user accounts?

> Anyone like to comment on this?

Supporting IMAP shared folders with seperate users is a major pain in
the lower back. This only really works painless if you only use one user
for the mails on the mail-server and and IMAP ACLs on top of that.

Also it allows you to support multiple domains without having to worry
about username collisions.

Third point: I don't have to add any NSS providers like libnss-ldapd or
libnss-mysql to my mail-servers, only the mail handling daemons (exim4,
postfix, dovecot) need to know the users. This reduces the complexity in
a bigger system quite a bit.


Sigmentation fault. Core dumped.

Reply to: