[OpenAFS] afs tokens & local mail delivery

ph rhole oper slitbit@fastmail.fm
Tue, 22 Nov 2005 01:40:42 +0200


On Sun, 20 Nov 2005 22:26:24 +0100, "Lars Schimmer"
<l.schimmer@cgv.tugraz.at> said:
> ph rhole oper wrote:
> > lmtp daemon of Cyrus IMAP, is supposed to deliver mail localy.
> > 1) Does it support getting afs tokens, and delivering mail in user's
> > home directory?
> > 2) If it does, will it need permanent afs tokens?Or can it obtain afs
> > tokens right after=20
> > a user logins (using it's krb5 creds)?
>=20
> As fas as I know, Cyrus has its own datastore and is only  a POP/IMAP=20
> program.
> But you could split the cyrus datastore in small parts and store this=20
> all over the net. I won't do this via NFS or AFS because of speed
> reasons.
mmm...what about lmtpd?
> For a real mailserver you need something like exim or sendmail.
> And again, because of speed reasons a dedicated machine with exim4/cyrus=
=20
> on it is best. And it is much better to backup with a central database=20
> for mail.
thankfully we're running a light-duty network at the time..
> And if you are using krb5, cyrus and exim4 are capable of krb5-auth.
>=20
> But to answer your question: only with a correct token/ACL pair, a=20
> service could write to a special directory in AFS.
sure..
> For services there are "machine accounts" which are IPs as users
what do you mean "there are", i haven't seen anything like this in the
openafs documentation.Or is it a sysadmin hack?

> resulting in a PC with a special IP "possessing a legal token" as the
> user.
>
sounds interesting..could you elaborate more on that?
>=20
> Bye
> Lars
> --=20
> -------------------------------------------------------------
> TU Graz, Institut f&#252;r ComputerGraphik & WissensVisualisierung
> Tel.: +43 316 873-5405       E-Mail: l.schimmer@cgv.tugraz.at
> PGP-Key-ID: 0xB87A0E03


thanks in advance

--=20
http://www.fastmail.fm - And now for something completely different=85