I said: >> I'd consider that a rather sane decision. Back when my distribution >> had user accounts with shell access, I had custom rules disabled too.
LuKreme wrote: > Sue, but how long ago was that? Not sure I approve of that nickname... That was ~3y ago. > The way to properly host people now is with virtualization. They > have their 'own' machine and what they muck up can only much up > THEIR "machine". Might not be the best choice for a small hosting > company, but for a large one anything else seems senseless. Heck, > even for me, if I ever get back into hosting it is going to be > purely with virtualized machines. You want ftp and non-secure > email? Knock yourself out. I have a restore image handy to put the > system back when you get totally pwned. Ah, you're talking provider-level deployments while I'm talking corporate-level deployments. Even at your higher level, I think it's a waste of IT time and resources to dedicate servers on a per-customer basis (unless the customer is a giant and actually needs such allocation), regardless of whether the server is virtual or not. Mail is its own thing and should be dedicated rather than with separate servers for each tenant or hosted on a server that serves other purposes. At the provider-level, mail is provided as IMAP accounts rather than configurable servers. The most the users should be able to do is train Bayes and perhaps tweak their accounts' SA user_prefs. For web and ftp et al, I fully agree that you should hand off a VM or jail (recently found to be more efficient, as noted at http://bsd.slashdot.org/story/09/06/02/0043258/#) and let them at it. >> The reason is that some people don't understand how to write >> rules, putting mundane words, often without word-breaks, or >> enormous globs that just destroy the system's efficiency. Then >> they score these poorly-written rules with ten points and wonder >> why they're missing so much mail. > > Yes, and people buy chainsaw to cut down trees and take off their > legs. This is not the fault of the store selling the chainsaws. > This is why you make sure they can only touch their own trees. You're proposing wasting IT resources on providing tons and tons of trees (legs?), presumably at little or no cost to the customer, for customers who don't understand their chainsaws. Customers tend to prefer advice or configurations that prevent them from severing a leg, or even more important (to you), from severing another customer's leg. If somebody wants to roll their own hosted mail server, let them buy a VM and do it from scratch, fully outside of your clean and efficient multi-tenant implementation, but this shouldn't be marketed at all; it should be an option for the tenant that wants more than you can offer/support and has the in-house expertise to get it done. -Adam -- Adam Katz khopesh on irc://irc.freenode.net/#spamassassin http://khopesh.com/Anti-spam
