Author: W B Hacker Date: To: exim users Subject: Re: [exim] lock file
Alex wrote:
> I would like use maildir, but i'm on migration from cobalt 550, now
> all users are using openwebmail.
> And a good choise of Openwebmail is:
> All preferences,... is stored in the user home.
> I tested some webmail script (squirrelmail), but the preferences,.. is
> stored in a http dir, with a http uid and gid
>
Well - more options than answers from this corner, but...
I'd suggest 'neither of the above' if you look to a model that
is more secure and more maintainable.
- best if all users can be treated as 'virtual', even if some do
have shell accounts. Easier to secure, more portable.
- Almost any DB in common use, from 'heavy lifter' DB2, Oracle,
PostgreSQL down to LDAP, DBD, BDB, CDB - even flat files - can
be tasked with holding user ID's, login, and preferences.
- Generally, the lighter the DB, the better, if only for
robustness, as even MySQL can be gross overkill for what few
details the average mail system needs.
- After 6+ reasonably trouble-free years with SquirrelMail, I no
longer use it - or anything else that relies on PHP or Apache.
While that is a minority viewpoint, you may find others here
that agree that mail servers are happier if they are NOT also
running any sort of webserver.
After trying many webmail with Exim, Courier, and Qmail, our two
preferences are:
- a French designed 'webmail' app written in python that runs
within Zope/Plone for servers where we use Zope+ - not
otherwise. Squid provides the https front-end, Zope/Plone the
single-sign-on access control.
- more universal is a cut-down 'Usermin', written in perl, based
on an extension of an article Dru Levigne published in OnLamp.
https built-in.
In both cases, these can run on server 'A', while using POP or
IMAP to access multiple accounts on servers A, B, C, D, etc...
These are happy with our Exim+Dovecot, but also complaineth not
when used to access {other MTA + otherIMAP/POP} on other servers.
IOW - both act like remote desktop MUA's - not
"this-server-only" interfaces as SquirellMail does.
Both can store messages or attachments in the user's space (if
given any), for POP, IMAP, or just drafts, file backup, or
scratchpad.
Neither are pretty, UI-wise, but the ability to do one login
with a UID:PWD separate from any of the mail accounts, check
several accounts with one tool and one visit, and move stuff
betrween 'em, sure can save yurbutt for world travelers.
Security - with any such tool - is always a challenge. None are
100% bulletproof, all require careful attention to detail.