On 04/10/10 20:47 +0200, Andreas Ntaflos wrote:
> Hi,
> I will probably also post this to the Postfix mailing list but it is fundamentally an (Open)LDAP question so here goes:
> Short version: What is a recommended way to set up virtual mail hosting based on OpenLDAP? I.e. providing mail and authentication services, like SMTP and IMAP, using Postfix and Dovecot, for multiple *independent domains* such as example.net, example.org, example.com?
A very flexible approach is to implement a pam/nss layer on top of your DIT that presents your users as fully qualified to your system software.
For instance, on my system performing a 'getent passwd' lists all of my user accounts as fully qualified accounts (e.g. jsmith@example.net).
Assuming that dovecot and your other server software do not strip domains, or at least strip them in predictable ways, then you can use pam/nss to export your users as system level users.
Of course, there are many reasons for implementing direct LDAP support in your software, but you can build up from NSS accounts into something more flexible, rather than spiral downward into trying to work around different LDAP implementations within your software.
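
The reply above relies on two conditions: every hosted user appears in `getent passwd` under a fully qualified name, and services do not strip the domain in a way that merges users from independent domains. The following check is an added example, not part of the original post; the sample passwd lines, the user names and the UID threshold of 20000 for virtual users are constructed assumptions.

```python
from collections import defaultdict

# Constructed sample in passwd(5) format, as `getent passwd` might print it
# when NSS exports fully qualified virtual users. All names are made up.
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
postfix:x:105:110::/var/spool/postfix:/usr/sbin/nologin
jsmith@example.net:x:20001:20000:J Smith:/srv/mail/example.net/jsmith:/usr/sbin/nologin
jsmith@example.org:x:20002:20000:Jane Smith:/srv/mail/example.org/jsmith:/usr/sbin/nologin
adoe@example.com:x:20003:20000:A Doe:/srv/mail/example.com/adoe:/usr/sbin/nologin
bob:x:20004:20000:Bob:/srv/mail/bob:/usr/sbin/nologin
"""

MIN_VIRTUAL_UID = 20000  # assumption: virtual mail users start at this UID


def audit_passwd(text, min_uid=MIN_VIRTUAL_UID):
    """Return (unqualified, collisions) for virtual users in passwd-format text.

    unqualified: virtual accounts whose name has no @domain part.
    collisions: local parts that exist in more than one domain, i.e. names
    that become ambiguous if a service strips the domain before lookup.
    """
    by_local = defaultdict(set)
    unqualified = []
    for line in text.splitlines():
        fields = line.split(":")
        if len(fields) != 7 or not fields[2].isdigit():
            continue  # skip blank or malformed lines
        name, uid = fields[0], int(fields[2])
        if uid < min_uid:
            continue  # system account, not a hosted mail user
        local, sep, domain = name.rpartition("@")
        if not sep or not local or not domain:
            unqualified.append(name)
            continue
        by_local[local.lower()].add(domain.lower())
    collisions = {l: sorted(d) for l, d in by_local.items() if len(d) > 1}
    return sorted(unqualified), collisions


if __name__ == "__main__":
    unqualified, collisions = audit_passwd(SAMPLE_PASSWD)
    print("not fully qualified:", unqualified)
    for local, domains in collisions.items():
        print(f"{local!r} is ambiguous without its domain: {domains}")
```

Any local part reported as a collision is an account that a domain-stripping service would authenticate or deliver to ambiguously, so those are the names to test against each daemon first.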