Hi, Does anyone know what software is being used by ISP's to give addtional email accounts, without shell access? You get 1 login account, but can obtain additional email addresses usually free or for a small fee. What software do they use on the server-side?
Thanks -- There is a couple of ways that this could be done. By far the quickest solutions would be to do a little trick in the /etc/passwd file. For example, the normal shell account looks like this:
aritso:x:13662:10:Alex Rissleada:/export/home3/aritso/bin/bash The last part "/bin/bash" is the shell the user has, what you can do is change that to in invalid shell like so: aritso:x:13662:10:Alex Rissleada:/export/home3/aritso/bin/false Run the command `pwconv` for it to take effect. Now if the user tries to login it will automatically kick them out. You can also use tcpwrappers on your telnetd (and compile support in for OpenSSHD) so that it won't even let them get to a login prompt. tcpwrappers accpets or denies connections based on IP address. ( ftp://ftp.porcupine.org/pub/security/index.html ) With this method, the advantage is that it is quick and easy to setup and works with all existing program avaiable. The downfall to this, is that it isn't very flexiable and the scaleablility is limited. If you need to distrubate this among multi mail severs you can use NIS (very insecure) or NIS+ (secure, but complex to configure), but this isn't the best method. Also there is a limit on this to roughly 5000-6000 or so accounts. Another method would be to use OpenLDAP + mail server. OpenLDAP is a freely avaiable directory service ( http://www.openldap.org ). The combination I use is OpenLDAP + Qmail ( http://www.qmail.org ). Qmail includes both an SMTP and POP3 server (also IMAP server if I recall correctly). The patch to enabled LDAP support in Qmail is avaiable at http://www.nrg4u.com/ . Postfix if I recall correctly also has LDAP support, but I haven't tried this. Sendmail also has LDAP support in it's newest release, but I only worked with this shortly, also if you go with sendmail you will have to find a POP3 server that support LDAP, I could find one. The good things about using OpenLDAP + Qmail is that it is extremely flexiable and scaleable. You can distrubate your LDAP date base a cross multiply servers and also distrubate your Qmail servers (both SMTP and POP3) over multi (differant if need be) servers. Everyone can run off one machine or you can distrubate it across hunderds of servers. The amount of users is only limited to by what hardware you have avaiable. 1 machine running both Qmail server and OpenLDAP can easily do 8,000 users if you have really good i/o access. Also another good thing about using an LDAP database is you can get other (non-mail) programs that support it. For example there is an OpenLDAP - PAM module, ProFTPD supports LDAP. This means, you can say have one user only to be able to access email, and have another user only able to use ftp and another user to use both email and ftp and telnet, etc. Very flexiable. The other things, since everything is stored in an LDAP database you don't have to have entries in the /etc/passwd file. Only have the need accounts in the /etc/passwd (for example, on one machine there is only about 10 accounts, but it server email to 100 users). Virtual accounts is probably the word I am looking for. The bad thing? Takes a while to get everything compiled and for all the software to "play nice with each other". Not the easiest thing in the world to do, but alot easier in my humble opinion then to setup something like NIS+. There is also email aliases or forwarding. For example both sendmail and qmail have this option. Basically you have a real email account/ user on the system say called bob@domain.com you can setup an alias called robert@domain.com So anyone that sents robert@domain.com the email will automatically forward into the bob@domain.com. The robert@domain.com isn't a real account and you can't check it though pop3, you check the bob account and all the email is downloaded there. I don't think this is what you are looking for, if it is I can send over more information. I am not sure on how many users you have, or what type of setup you have over there, but atleast check in to the 2 methods above to see if either one will work for you. If not email me back with some more details on exactly what you are trying to do, number of users, etc and I will see if something would fit better.
-- Il brilgue: les t^oves libricilleux Se gyrent et frillant dans le guave, Enm^im'es sont les gougebosquex, Et le m^omerade horgrave. -- Lewis Carrol, "Through the Looking Glass" __ ----/ / _ ICQ # 81070861 ---/ / (_)__ __ ____ __ --/ /__/ / _ \/ // /\ \/ / -/____/_/_//_/\_,_/ /_/\_\ SuSE6.4Kernel2.2.10KDE1.1.2 7:35pm up 40 min, 2 users, load average: 1.25, 1.45, 1.18
------------------------------------------------------- -- Higgeldy Piggeldy, Hamlet of Elsinore Ruffled the critics by Dropping this bomb: "Phooey on Freud and his Psychoanalysis -- Oedipus, Shmoedipus, I just love Mom." __ ----/ / _ ICQ # 81070861 ---/ / (_)__ __ ____ __ --/ /__/ / _ \/ // /\ \/ / -/____/_/_//_/\_,_/ /_/\_\ SuSE6.4Kernel2.2.10KDE1.1.2 Bakhuizen-Friesland-Holland 9:30pm up 1:14, 3 users, load average: 1.71, 1.74, 1.70 -- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/support/faq