Author: Vadim Vygonets Date: To: exim-users Subject: Re: [Exim] Re: using exim w/ more than 65000 users
Quoth ?ukasz Grochal on Tue, May 16, 2000: > Anyway, what I'm currently using is a modified POP3 server that checks
> usersnames and passwords against a custom /etc/whatever file that has
> a format of "username:hashed-password:extended user info".
It's fine for 400 users, but it will _not_ work for 100K users.
It will just be too slow. It's much better to use some sort of
database. I'm not sure Berkeley DB will cut it, but professional
databases (MySQL, PostgreSQL, and friends) and databases such as
DNS (Hesiod seems like a more logical choice in this case)
probably will. If you go with DNS (or Hesiod), you may also want
a caching-only DNS server on your mailserver machine. But you
may want to do it anyway.
> Hacking any POP3 daemon (except perhaps Cucipop
> which is a programmer's nigthmare :) and UW imapd is fairly simple;
I did hack Cucipop. Twice. Oh, this was fun. Pretty little
cute indentation style.
> you just don't use PAM or shadow passwords and substitute calls to
> getpwnam with calls to your own authorization function.
And you don't use getpwnam(3) or setuid(2), in case of 100K
users.
> In case of imapd
> I also map home directories to /var/spool/imap/{username}, but I have
> never checked if I won't end up with users being able to read each other's
> mail this way. I probably will ;) (it's the same system user, remember? :)
