Re: Mail servers for large numbers of users
On Sat, Dec 11, 1999 at 06:27:58PM -0800, George Bonser wrote:
> On Sat, 11 Dec 1999, William Burrow wrote:
>
> > qmail can handle an unlimited number of users in an unlimited number of
> > domains using the likes of vchkpw. Check out:
>
> So can exim. The problem is not delivering email via smtp ... the problem
> is accessing it via IMAP. If you have >64K users, how do you set
> permissions so that one user can not deduce the path to another user's
> directory and potentially read their mail?
Oops, missed the IMAP bit, was looking at POP3. Anyway, it sounds like
some kind of problem with the IMAP server. Perhaps you can elaborate
in private email the particular problem that an IMAP server has in
this regard. Then it will become possible to search out a solution.
> The problem will be corrected soon with the raising of UIDs from 16 bits
> to 32 bits but until then, how do you make sure that each user can only
> access their own directory from anywhere on the planet if you have more
> users than UIDs?
You design your server to separate the paths that users are permitted to
access in a consistent, logical manner. The fact that a path exists to
the user does not mean it maps directly to any shared path on the server.
Think of virtual domains and web sites. UIDs are irrelevant.
For reading email, I cannot see any reason to allow an external user to
peruse the entire system directory structure. It doesn't make sense.
Excuse my ignorance on how this service is implemented, but I can't see
this being a problem in a properly designed system.
--
William Burrow -- New Brunswick, Canada
A 'box' is something that accomplishes a task -- you feed in input and
out comes the output, just as God and Larry Wall intended.
-- brian moore
Reply to: