[OpenAFS] mail spool on AFS

Enesha Fairluck enesha@sunflower.org
Tue, 20 Nov 2001 10:34:47 -0500


> Fine, then force them to use pop3 and webmail...  Just make sure
> ALL user applications use _SOME_ mail access protocol and not
> /var/spool/mail directly.

If you mean the clients, just about every client would.  At this time there
are no local users, all mail would be read from the user's desktop machine
via pop or imap or using webmail.

> I don't see what's so hard about providing pop/imap accounts.  If you
> can provide pop3, you can provide imap.  They are, essentially,
> equivalent (at least in terms of how they use /var/spool/mail).  The
> key point is that you have to keep users from accessing
> /var/spool/mail directly.

There is a misunderstanding... We do provide imap, you just said to have all
users use it, which can't happen right now :P  I assume tho that you were
really referring to use from unix via pine or something?

> Any solution with a distributed /var/spool/mail just will not scale.

Why would it not scale?  I was toying with the idea of making each user's
mail file in that directory a volume and then load balancing across multiple
servers, and being able to enforce a different quota for mail than for the
standard files.

>
> Unfortunately, as Russ pointed out, AFS will not help you in this issue.
> File Locking in AFS is only advisory; it is not enforced.

So something like ~/mail/INBOX would be a workable solution?  Then having to
tweak and/or recompile pop3/imap/etc?

Excerpt from "afs-faq" on faqs.org: (not the whole section)

Subject: 3.12  How can I set up mail delivery to users with $HOMEs in AFS?
  Method 1: deliver into local filestore

   This is the simplest to implement. Set up your mail delivery to
   append mail to /var/spool/mail/$USER on one mailserver host.

   The advantages are:

      + Simple to implement and maintain.
      + No need to authenticate into AFS.

   The drawbacks are:

      - It doesn't scale very well.
      - Users have to login to the mailserver to access their new mail.
      - Probably less secure than having your mailbox in AFS.
      - System administrator has to manage space in /var/spool/mail.

  Method 2: deliver into AFS

   Advantages:

      + Scales better than first method.
      + Delivers to user's $HOME in AFS giving location independence.
      + Probably more secure than first method.
      + User responsible for space used by mail.

   Disadvantages:

      - More complicated to set up.
      - Need to correctly set ACLs down to $HOME/Mail for every user.
      - Probably need to store postman's password in a file so that
        the mail delivery daemon can klog after boot time.
        This may be OK if the daemon runs on a relatively secure host.

Seems to recommend NOT using a dedicated mail machine, but putting into
$home/mail or someplace, and indicates that the dedicated mail server
doesn't scale very well.

> -derek
>
> --
>        Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
>        Member, MIT Student Information Processing Board  (SIPB)
>        URL: http://web.mit.edu/warlord/    PP-ASEL-IA     N1NWH
>        warlord@MIT.EDU                        PGP key available
>
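
The point in the thread about advisory locking, as an added example that is not part of the original message: a delivery agent holds a lock on an mbox file mid-delivery, a cooperating writer backs off, and a writer that never asks for the lock interleaves its message into the half-written one. It assumes a local POSIX filesystem and `flock()` rather than AFS itself; the mailbox name, addresses and messages are constructed.

```python
import fcntl
import os
import tempfile

# Constructed sample message in mbox format.
MSG_TWO = (b"From other@example.org Tue Nov 20 10:01:00 2001\n"
           b"Subject: two\n\nsecond message\n\n")


def deliver(path, data, cooperate=True):
    """Append data to an mbox file. A cooperating writer takes flock() first
    and backs off (returns False) when another writer holds the lock."""
    fd = os.open(path, os.O_WRONLY | os.O_APPEND | os.O_CREAT, 0o600)
    try:
        if cooperate:
            try:
                fcntl.flock(fd, fcntl.LOCK_EX | fcntl.LOCK_NB)
            except BlockingIOError:
                return False
        os.write(fd, data)
        return True
    finally:
        os.close(fd)  # closing the descriptor also drops its lock


def demo():
    """Return (cooperating_write_ok, non_cooperating_write_ok, mbox_bytes)."""
    mbox = os.path.join(tempfile.mkdtemp(), "alice")  # stand-in spool file
    holder = os.open(mbox, os.O_WRONLY | os.O_APPEND | os.O_CREAT, 0o600)
    fcntl.flock(holder, fcntl.LOCK_EX)  # delivery agent takes the lock
    os.write(holder, b"From mda@example.org Tue Nov 20 10:00:00 2001\n"
                     b"Subject: one\n\nfirst half of body, ")
    polite = deliver(mbox, MSG_TWO, cooperate=True)   # respects the lock
    rude = deliver(mbox, MSG_TWO, cooperate=False)    # never checks it
    os.write(holder, b"second half of body\n\n")      # delivery completes
    os.close(holder)
    with open(mbox, "rb") as f:
        return polite, rude, f.read()


if __name__ == "__main__":
    polite, rude, content = demo()
    print("cooperating writer wrote:", polite)
    print("non-cooperating writer wrote:", rude)
    print(content.decode())
```

The lock only protects the mailbox from programs that ask for it, which is why the thread insists that every reader and writer go through a mail access protocol instead of touching the spool file.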