In a single domain email system, user / password is the simplest, where username=bob and password=secret.
In a multiple-domain or virtual-domain system, usernames can be duplicated. This creates an ambiguity of names. There may be many email names that start with bob, for example, so it is necessary to use a form like username= [EMAIL PROTECTED] and password=secret. It is very common in virtual-domain-mail-systems to login or authenticate with a username like '[EMAIL PROTECTED]' because the email name bob may exist in several domains, like '[EMAIL PROTECTED]' and '[EMAIL PROTECTED]'. And these email names may or may not be the same linked to the same user-account to make things more complicated. Using this '[EMAIL PROTECTED]' form disambiguates the username. If you want different passwords for every account, then create a different account with one alias per account (in the dbmail system). My multi-domain postfix/dbmail mail server setup to use the '[EMAIL PROTECTED]' form for the username in the postfix MTA. If anyone is interested, my pam_mysql config looks up the login-name in the aliases table for smtp auth, and gets the password from the users table... it takes some clever parameters to do this, but I was able to get pam_mysql to do this without any code changes. I will post it if anyone wants to see how to do it. I have followed some of the posts related to this issue, and agree that the auth/login process for dbmail-pop3d and dbmail-imapd should use the alias in the form of '[EMAIL PROTECTED]' instead of the username and lookup the password by referencing the user_id of the alias and subsequently looking up the password in the user table corresponding to the user_id. Perhaps there could be a config option that allowed both ways of authentication. What do the code maintainers think about this? Agreed the alias way is slightly less efficient because it requires a SQL quesry involving two tables instead of one, but I think it is cleaner for authentication. That way users will put the same username ([EMAIL PROTECTED]) for their mail-clients smtp auth and pop/imap auth, and of course the same password too. I would be willing to do the coding... --Dave > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf > Of Aaron Stone > Sent: Friday, January 24, 2003 2:13 PM > To: dbmail@dbmail.org > Subject: Re: [Dbmail] Postfix - why aliases? > > The typical use is to have 'user' as the username, not '[EMAIL PROTECTED]' > > So your email comes to [EMAIL PROTECTED], in the aliases table, but when you log > in you just type 'user' and your password. By no means is this a rule, and > for your application, it does certainly seem cumbersome! > > Aaron > > > On Fri, 24 Jan 2003, [iso-8859-2] Jan Pavlík wrote: > > > Hi, > > i want to ask only, why must be username like alias in "aliases" when > use > > Dbmail with postfix with this transport? It isn't easily search aliases > and > > when no alias found, search then users? > > I don't understand this... > > > > > > INSERT INTO aliases VALUES (1, <mailto:'[EMAIL PROTECTED]'> > > '[EMAIL PROTECTED]', '1', 0); > > INSERT INTO users VALUES (1, <mailto:'[EMAIL PROTECTED]'> > '[EMAIL PROTECTED]', > > 'x', 0, 0, 'crypt', '2003-01-24 19:47:25'); > > -- > > > > dbmail unix - n n - - pipe > > flags= user=dbmail:dbmail argv=/usr/local/sbin/dbmail-smtp -d > ${recipient} > > > > -- > > Jan PAVLIK > > [EMAIL PROTECTED], [EMAIL PROTECTED] > > mobil +42 0777/555730 > > ICQ 6611951 > > ROOTSHELL.CZ - Make it easy and better! > > > > > > > > _______________________________________________ > Dbmail mailing list > Dbmail@dbmail.org > https://mailman.fastxs.nl/mailman/listinfo/dbmail
