I’ve been wanting to move everybody.org to LDAP-based backend for email and authentication. For the longest time, I was stuck on the idea of using Cyrus IMAPd — the server is the basis for much of what is done with IMAP. However, although it is designed for large sites, it is not designed with virtual domains in mind. I was so stubborn when it came to using Cyrus that I even looked at embedding a Perl interpreter into Cyrus to help it at the Authentication/Authorization stage. It worked — somewhat. This is impressive because I am not a C programmer. It is a huge credit to the authors of the documentation that comes with Perl. I certainly have very few qualms now about embedding Perl wherever I feel it would help me.

Still, for all my stubbornness and grunting, Cyrus wasn’t designed for virtual domains. It is a bit too monolithic as well, which makes it less flexible. After looking a bit, I dug a little deeper into Courier IMAPd and found that it would do what I wanted and it is packaged to do what I want out of the box on Debian. And, although there is a Courier SMTP server, I decided to stick with Exim since it already has Perl embedded and, as a result, allows an enormous amount of flexibility.

Last night, I successfully got Courier IMAPd up and running. Since it authenticates using an email address for the username, it is perfect for virtual domains. I was a little leery at first, but it turns out that the Authdaemon backend (which supports LDAP) actually works quite nicely.

It is all maildir, though, so that will be a change for our shell users. (Though, technically, I could allow them shell access to mbox mail or POP/IMAP access to maildir mail.) The stats seem to show that only Jeff and I really use the shell access, so I’m not really worried about that, though. New shell users (if we get any) will have to use a maildir client.

Since I have that done, I plan to write up the plan for transitioning everybody.org to Debian tomorrow, test it this week and execute it next weekend.

The major changes that will be happening are:

  • Move from FreeBSD to Debian
  • LDAP-based backend.
  • Kerberos support implemented.
  • Virtual domain support for email.

All this should be transparent to the end users if it is done right. Which is why I’m writing up the migration plan and testing it thoroughly.

One thought on “”

  1. praise or not

    Oy-voy and to think I felt a failure for not bragging to you and your siblings about how terribly smart you were.

    Reminds me of another study I read this past week … about how filthy dirty mice were actually healthier and more immune to disease than rats kept in a sterile lab … At death the immune system of the lab rats showed a great deal more stress.

    Children allowed to be dirty, to get hurt once in a while, to strive to achieve and please, are better off than the super protected, pampered and praised peers. Which I suppose also explains why not all the poor stay poor … many strive to reach wealth and not all the children of wealthy live up to the blessings of having had many grand opportunities, but sort of slide by on their parents’ wealth of cash and praise and protection.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.