Sandy Drobic wrote:
Jim Flanagan wrote:
Sandy Drobic wrote:
Jim Flanagan wrote:
So I guess my next steps are to set up my domain as a virtual domain (so I can add more domains later). And then set up the certs. You mentioned before to set up one cert to handle everything. In the past I has my hostname set up as mail.domain.com, and apache serving www.domain.com. I needed a cert for www.domain.com to handle my squirrrelmail users. So would i need a separate cert for that? Or could I redirect squirrelmail users to mail.domain.com?
Also, where do the TLS certs go, or would that use the same cert??
You need one cert for every hostname that you set up for ssl/tls. Of course, nothing hinders you to use "www.example.com" as your mx. (^-^)
Ok thanks. Will set those up.
One last question for now. Can you tell me how to set up this domain as a virtual domain, so I can add more separate domains later?
You just have to adjust the settings that now deal with the local transport:
# must NOT include the virtual_mailbox_domain: mydestination = localhost.$mydomain virtual_mailbox_domains = jimmee.local virtual_mailbox_maps = hash:/etc/postfix/virtual_mailbox_addresses virtual_transport = lmtp:unix:/var/lib/imap/socket/lmtp
If you have several domains you probably want to authenticate not only with your localport as username but with the complete address, so you have to adjust saslauthd to use the complete address in /etc/sysconfig/saslauthd:
#SASLAUTHD_AUTHMECH="pam" SASLAUTHD_AUTHMECH="pam -r"
local_domains are useful for purposes that require scripts or interaction with the system.
I'm still not quite finished getting it right, and am not clear on a few points. I have postfix authing against saslauthd, setting up local users (with login to null), and cyrus imap working, I still am not sure how to set up virtual domains and users. I could really use a step by step guide with this, as I'm stuck on this point. Also, what happens with local messages to root under this setup? Where would warning messages to root go if I'm using virtual domains? Also, I have not done any certs yet, and am trying to minimize the number needed and keep them located in a central location. As I understand it I will need one cert for each incoming tls/ssl domain, meaning one for imapd. Another for smtpd. Another for squirrelmail on apache. Is this correct? And can they go in one directory, or should I use the default locations, for example /etc/ssl, and /var/lib/imap/ssl, etc. Thanks for your great help and patience. Jim F -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org