Quoting Kevin Fries <kevin@xxxxxxxxx> Date: Thu, 13 Jan 2005 16:21:12 > You just proved our point. Not really. > Why do I need to do any of that? > > With Dovecot, WU, and Courier, it uses system accounts. Not only > that, Usermin allows the user to manage their own procmail/forward > files empowering the user, and relieving me, as the admin, from having > to do it. Plus, the user does not need to have the ability to log on > (restrict telnet, ssh, etc) for security reasons. And exactly how scalable are user accounts (the ones stored in flat file called /etc/passwd)? That will not scale well. Having Cyrus installation, and users existing only in database such as LDAP, Kerberos and/or SQL scales well. Even without database, users that exist only in /etc/sasldb2 are far better solution. With Cyrus users can manage their filters, vacations and forwarding using single interface: Sieve. Absolutetly no action needed on your part. Therefore I do not see any difference between managing Cyrus IMAPD installation, or any other IMAP server. The only difference is job needed to take away shell accounts from the users, and move them into Cyrus. Once that is done, it becomes easier. There are no more thousands of shell acounts to manage. Even if you insist on having shell accounts, .forward and .procmail files, and what not, Cyrus can work with those too. You are not going to take full advantage of Cyrus, but it will work, and there are people out there that use it that way. > And how do the Cyrus tools interoperate with other tools? The simple > answer is they don't. They are a bastard process that needs to be > managed separately. There are lots of ways to make the admin of the > user accounts more complex in an attempt to make the overall > administration easier. Tools to place user accounts in LDAP and MySQL > so the accounts can be reused for mail relay, pop/imap, but also ftp > and web access, such as Webmin and Postfix Admin. One admin tool to > handle it all. Dovecot, Courier, and WU will all work with that type > of system, Cyrus does not. It is very rare that I see a statement that is so far away from truth than the above. Cyrus uses LDAP, Kerberos, SQL, PAM, SASL or basically anything else you throw at it. In combination with SASL, it can use Kerberos the way it is intended to be used, unlike some other implementations that can do it only through PAM (in which case user's must type passwords -- which is not the way Kerberos is ment to be used, if you are using it that way, you might as well use NIS or LDAP). Actually, since Cyrus never uses local shell accounts (except for authentication, if that is the way you have choosen to configure it), that is the only way to manage your users. Therefore saying that Cyrus is closed in itself is as far from truth as it can get. It is far more open than other IMAP implementations, because it is designed that way. Of course, if administrator (in his ignorance) chooses to place user information in separate database for use exclusivly by Cyrus, that is administrator's decision. It isn't the way Cyrus is designed or ment to be used. You want to use Webmin or Postfix admin, and manage users in LDAP database? No problem. Just point Cyrus to your LDAP database, and it will be happy with it. Probably happier than Dovecot, and way more happier than wu-imapd. > That is why people think Cyrus is more complicated to administer. Actually, that was the reason why I wrote my first email in this thread. Complexity of managin Cyrus IMAPD is urban myth. -- Aleksandar Milivojevic <amilivojevic@xxxxxx> Pollard Banknote Limited Systems Administrator 1499 Buffalo Place Tel: (204) 474-2323 ext 276 Winnipeg, MB R3T 1L7