From: /dev/rob0 (rob0gmx.co.uk)
Date: Mon May 12 2008 - 08:11:44 CDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> From: "Jos Chrispijn" <joswebrz.net>
>
> > What would be the advantage of using MySQL with Postfix? I now
> > use it without and I have no complaints about it...

Then relax, you don't need it. Eventually you might see a benefit to
maintaining some lookups in SQL or other network-based service, but
when that time comes you will know.

On Mon May 12 2008 07:25:31 Jack Raats wrote:
> Without mysql the accounts of postfix must be local accounts.

This is not true; virtual_*_maps and relay_recipient_maps can be in
hash: or other tables. (ANY supported and appropriate map type.)

> scalability:
> without mysql you can only have about 65000 accounts (linux?)
> while using mysql you can serve a lot more...

If your service is going to scale up to such numbers, indeed, a SQL or
LDAP backend is highly recommended. At that point you might also need
to distribute users among different mailstores, too.

> security
> less security problems because mailaccounts != localaccounts

That's too simplistic. If a Unix user doesn't have shell access, there
is arguably much greater security in that his UID can only affect his
own mail. In a typical virtual(8) setup, a single UID might control all
mail for a given domain, or even all virtual_mailbox_domains. A
compromise of that UID could be disastrous.

Conversely if a virtual user *needs* shell access, you have the worst
of both: the reduced functionality of the virtual(8) delivery agent,
and the greater exposure to potential exploits that comes with
providing shell access.

The matter of how to secure a system with shell users is beyond the
scope of this list, and I admit, it's not trivial. I merely wish to
dispute the FUD that virtual(8) is inherently "more secure".
--
    Offlist mail to this address is discarded unless
    "/dev/rob0" or "not-spam" is in Subject: header

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]