> So just to be clear, each user has a login on your mail server in > /etc/passwd? If so, I would strongly urge you to move to using only > virtual users on your mail infrastructure. >Why? Just disallow login, and that is from the perspective that a mail user should be limited mail resources. I argue exactly the opposite. Keep as much as possible linux users. As linux has been engineered for allowing multiple user accounts, and most other virtual user providers that are used here, have not.
>>>>> "Marc" == Marc <Marc at f1-outsourcing.eu> writes:>> So just to be clear, each user has a login on your mail server in >> /etc/passwd? If so, I would strongly urge you to move to using only >> virtual users on your mail infrastructure. >>Marc> Why? Just disallow login, and that is from the perspective that Marc> a mail user should be limited mail resources. If the user does NOT need to login to the dovecot/mail servers, then not having these users at all is more secure. Marc> I argue exactly the opposite. Keep as much as possible linux Marc> users. As linux has been engineered for allowing multiple user Marc> accounts, and most other virtual user providers that are used Marc> here, have not. I'm having a hard time to parse what you are saying here. I'm saying that if the mail/dovecot server is only providing mail services, then putting all the users (across multiple domains even) into a virtual user database is more secure and more scalable. General users don't need accounts on the mail server, and security in depth argues that keeping them off the server entirely is a good thing. John
hi Marc, That's correct, I have an account for each users.. Which is great perfect for now.. but if the system is growing up.. if a user change, this is a lot? work..? I would prefer to get and standard mailbox.. and then let suppose that a user is changing, you? just login and passwrd.... eventually, delete or keep the previous emails... and that's it ! I using sendmail, but this is not clear how to share the same passwrd file, than Dovecot.. to be honest I should be able to get a file to manage on Sendmail, login and passwrd attached to the mailbox... Nb1 On 1/25/22 09:39, Marc wrote:>> So just to be clear, each user has a login on your mail server in >> /etc/passwd? If so, I would strongly urge you to move to using only >> virtual users on your mail infrastructure. >> > Why? Just disallow login, and that is from the perspective that a mail user should be limited mail resources. > > I argue exactly the opposite. Keep as much as possible linux users. As linux has been engineered for allowing multiple user accounts, and most other virtual user providers that are used here, have not. > > > >