Hello Gab,
well the most attractive feature of virtual users is ease of administration.
Adding a new domain and user is a matter of adding a couple of text lines
(if using simplest text-based user databases), mail users do not litter the
system user space, you do not expose system access to mail-only users, you
don't have to create and manage email-to-sysuser mapping, each user logins
simply by his/her email address, mail storage is separated from system home
dir, etc...
In fact it is more convenient and consistent to use virtual mailboxes even
for system users (e.g. admin), just add an alias root -> user at domain.zz
(Naturally system password and mail password are independent so they can be
different for added security).
Of course in simplest form all virtual users use one system account but
exploiting this would require circumventing Dovecot security which is pretty
high. Also at most it would get access to other accounts' mail, not other
system access.
Migration is really quite easy, actually I just created the virtual user
infrastructure (postfix + dovecot) and then simply copied each Maildir
directory from ~user/ to ~vmail/user at domain.zz/
Best wishes
Eugene
-----Original Message-----
From: Gab IIpop
Sent: Thursday, July 11, 2013 5:31 PM
To: dovecot at dovecot.org
Subject: [Dovecot] (no subject)
>From the documentation, virtual users seem like a good idea if you plan on
having a lot of users. Although I'm wondering about the following:
What other benefits/consequences are there to using virtual over system
users and vice versa?
Will virtual users have the same protection as system users (system users
would use linux permissions, which is pretty secure)?
How easy will it be to switch from using system users to virtual users or
vice versa?