On Mon, 21 Aug 2006 09:39:11 +0200, "former03|Baltasar Cevc" <baltasar.cevc@xxxxxxxxxxx> said: > Hi Malcom, > > > I am currently migrating a large number of IMAP/POP accounts from one > > server to another. The old server using a schema of CLIENTID-0, > > CLIENTID-1 etc as the naming schema, and it is required that the new > > server use the user@domain naming schema. > > You cold manage authorization using some database mechanism, where you > could have multiple users; however you would have to separate > authentication and autorization then. There would be one main problem for > which I don't known any solution now: you can't grant access to users in > a > different realm; and your old users are in the servername realm, your new > ones in their own domain's. > > Another possibility: perhaps Perdition or some other IMAP proxy can help? > I > don't use it yet, but it has some nice options, e.g. it can present > accounts on different servers on one frontend. So perhaps it has some > features that can help you. That's what I would suggest, use Perdition or Nginx (we moved to nginx because even with Linux 2.6 we hit limits around 20,000 concurrent connections, while nginx handles that without breaking a sweat) Our "saslperld" authentication daemon (which now talks about 6 different protocols, but anyway) could certainly handle this very easily. It already rewrites the username to connect to the backend so we can gracefully handle switching to username@domain logins for machines as we domain split them. Bron. -- Bron Gondwana brong@xxxxxxxxxxx ---- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
