[OpenAFS] AFS and sendmail
Dan Pritts
danno@internet2.edu
Mon, 28 Jun 2004 11:25:32 -0400
On Mon, Jun 28, 2004 at 12:14:13PM -0000, amar deep kumar wrote:
> I am trying to put my email files on AFS space. im getting problem
> with AFS authentication, like sendmail should have proper tokens to
> write mail into users AFS space also pop or imap server should have
> proper tokens to read mail from user space. has any body tried this. I
> got something like auth-sendmail but i am not able to compile it on
> linux system. Or is there any other method to achieve this.
I've worked with a system like this in the past.
Notably, sendmail is not the thing that wants tokens - the local
delivery agent does (although I suppose if you gave them to sendmail
and used PAGs, the local delivery agent would inherit them).
The way we did it was to modify procmail (any other local delivery agent
would work) to get a token at delivery time.
For each real user ("foo") we created a pseudo user ("foo.mail") that
had write access to the user's mail spool. the passwords for all the
".mail" users were the same, and this password was hardcoded in the
procmail binary, or put in a file, or something.
You would need to handle file locking somehow. probably the easiest
way would be to use Maildir spools as your delivery target (which uses
one file per message and goes to lengths to avoid locking issues).
We did not address the pop/imap issue - we did this so that unix users
could access their mail file directly. IMO it's probably not a good
combo - if you want pop/imap i'd just go with a standard mail spool on
local disk.
If I had it to do all over again, I'd probably just do POP/IMAP with
spools on local disk somewhere and have my unix users use pop/imap.
danno
--
dan pritts danno@internet2.edu
systems administrator 734/352-4953 office
internet2 734/834-7224 mobile