At Thu, 11 Jun 2009 17:37:34 -0700 (PDT), Andrew Morgan <morgan@xxxxxxxx> wrote: Subject: Re: murder and autocreate (I know it is not supported) > > >> Why make everything far more complicated than it needs to be? > >> Especially things related to user management? > >> > > > > A valid point to mailbox creation, but what would delete the mailbox > > when a student graduates? > > It is really quite trivial to write small scripts (perl, php, python, etc) > to manage Cyrus mailboxes. I don't know why folks do all this work by > hand... Who said anything about doing anything by hand? (or mailbox deletion, for that matter :-)) > I don't like the thought of Cyrus creating mailboxes on its own. One can > simply add mailbox creation to all the other steps of provisioning a new > account (creating an LDAP entry, making a home directory, setting quotas, > etc). Cyrus autocreate isn't creating mailboxes "on its own" -- it's creating them at the demand of, and under the guidance of, the MTA So, if something screwed up, as things inevitably do, even with all kinds of fancy special local script hacks that are supposed to be doing this mailbox creation, and the MTA is able to see that an account is valid and it should accept mail for it, but the screwup means that Cyrus doesn't have a mailbox waiting to receive the mail that the MTA just accepted on good authority of the authentication database. User management tools should NEVER _ever_ have anything to do with mailbox _creation_. The (modern) MTA _must_ validate the addresses. Since it already has to do this job the LDA really must just trust it, else the problem solved by the MTA's validation of addresses is effectively dissolved and broken. Therefore Cyrus _must_ create mailboxes automatically for addresses presented to it by the MTA. I suppose for the paranoid Cyrus could also validate the existence of the user account, but it's hardly necessary if your MTA/LDA/Cyrus implementation is secure. I'm really not sure why anyone would worry about Cyrus creating mailboxes. Things have worked this way for nearly forever in Unix systems. The mailer always creates mailboxes automatically for users who are known to exist. -- Greg A. Woods +1 416 218-0098 VE3TCP RoboHack <woods@xxxxxxxxxxx> Planix, Inc. <woods@xxxxxxxxxx> Secrets of the Weird <woods@xxxxxxxxx> ---- Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
