[OpenAFS] AFS and sendmail

Dan Pritts danno@internet2.edu
Mon, 28 Jun 2004 11:25:32 -0400


On Mon, Jun 28, 2004 at 12:14:13PM -0000, amar deep kumar wrote:
>     I am trying to put my email files on AFS space. I'm getting a problem
> with AFS authentication, like sendmail should have proper tokens to
> write mail into users' AFS space, also pop or imap server should have
> proper tokens to read mail from user space. Has anybody tried this? I
> got something like auth-sendmail but I am not able to compile it on a
> Linux system. Or is there any other method to achieve this?

I've worked with a system like this in the past.  

Notably, sendmail is not the thing that wants tokens - the local
delivery agent does (although I suppose if you gave them to sendmail
and used PAGs, the local delivery agent would inherit them).

The way we did it was to modify procmail (any other local delivery agent
would work) to get a token at delivery time.

For each real user ("foo") we created a pseudo user ("foo.mail") that
had write access to the user's mail spool.  The passwords for all the
".mail" users were the same, and this password was hardcoded in the
procmail binary, or put in a file, or something.

You would need to handle file locking somehow.  Probably the easiest
way would be to use Maildir spools as your delivery target (which uses
one file per message and goes to lengths to avoid locking issues).

We did not address the pop/imap issue - we did this so that Unix users
could access their mail file directly.  IMO it's probably not a good
combo - if you want pop/imap I'd just go with a standard mail spool on
local disk.

If I had it to do all over again, I'd probably just do POP/IMAP with
spools on local disk somewhere and have my Unix users use pop/imap.

danno
--
dan pritts                                       danno@internet2.edu
systems administrator                            734/352-4953 office
internet2                                        734/834-7224 mobile
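
The lock-free Maildir delivery mentioned in the message above, as an added example (not part of the original post and not code from the poster's system). It assumes the delivery process already holds a token with write access to the spool; the function names and the mapping of failures to EX_TEMPFAIL are choices made for this sketch.

```python
import itertools, os, socket, sys, time

EX_TEMPFAIL = 75          # sysexits.h: MTA keeps the message queued and retries
_seq = itertools.count()  # distinguishes deliveries made by one process

def unique_name():
    # Maildir naming: time, then pid plus counter, then host ("/" and ":" escaped)
    host = socket.gethostname().replace("/", "\\057").replace(":", "\\072")
    return f"{int(time.time())}.P{os.getpid()}Q{next(_seq)}.{host}"

def deliver(maildir, message):
    """Write message (bytes) into maildir without locks; return the final path."""
    for sub in ("tmp", "new", "cur"):
        os.makedirs(os.path.join(maildir, sub), mode=0o700, exist_ok=True)
    name = unique_name()
    tmp_path = os.path.join(maildir, "tmp", name)
    new_path = os.path.join(maildir, "new", name)
    # O_EXCL: fail rather than reuse or follow a name that already exists
    fd = os.open(tmp_path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    try:
        with os.fdopen(fd, "wb") as f:
            f.write(message)
            f.flush()
            os.fsync(f.fileno())
        # The file is now closed. AFS sends data to the file server on
        # fsync/close, so store errors such as over-quota surface by this point.
        # rename() rather than link(): AFS has no cross-directory hard links.
        os.rename(tmp_path, new_path)
    except OSError:
        try:
            os.unlink(tmp_path)   # do not leave a partial file in tmp/
        except OSError:
            pass
        raise
    return new_path

def run(maildir, stream):
    """Delivery-agent entry point: returns the exit status for the MTA."""
    try:
        deliver(maildir, stream.read())
    except OSError as exc:
        print(f"delivery deferred: {exc}", file=sys.stderr)
        return EX_TEMPFAIL
    return 0

if __name__ == "__main__":
    sys.exit(run(sys.argv[1], sys.stdin.buffer))
```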