Skip to content. | Skip to navigation

Navigation

You are here: Home / Support / Guides / Building Software Application Stacks / Managing Mail Users / Creating Mail Users

Personal tools

 

Managing Mail Users

Doing the fiddly stuff with Postfix, Cyrus etc.

Creating Mail Users

Here we'll distinguish between mail acounts created in the default domain (eg. username@defaultdomain) and one of our hosted virtual domains (eg. username@virtualdomain). Where the distinction isn't important we'll refer to username@domain.

Warning

You must know which kind of account you are creating!

This guide assumes you created a Cyrus admin account, in this case cyrus. This is not a Unix user account but rather a SASL2 account (and referenced in /etc/imapd.conf in the admins attribute).

For Cyrus

The following commands all run within cyradm (for which we created a library-finding version of the script in /usr/local/bin):

cyradm --user cyrus localhost

  1. Create the account.

    If the mailbox is in the default domain then the account is created as user.username otherwise the account appears as user.username@virtualdomain.

    Note

    Cyrus mail account names are all prefixed with user.

    cm user.username@domain

    Warning

    Check the access control!

    lam user.username@domain

    1. For the default domain

      If username lrswipcda does not appear (unlikely!):

      sam user.username@defaultdomain username@defaultdomain lrswipcda

    2. For a virtual domain

      If username@virtualdomain lrswipcda does not appear (which is much more likely if username is the same as a previously created username@defaultdomain):

      sam user.username@virtualdomain username@virtualdomain lrswipcda

    In either case, you'll probably want to remove the other user account from having access:

    dam user.username@domain otheruser

Filesystem

If the mailbox is in the default domain (username@defaultdomain) then the account's physical mail directory appears in /var/spool/imap/user/*username*. Otherwise (username@virtualdomain) the account appears in /var/spool/imap/domain/*virtualdomain*/user/*username*

SASL2

SASL2 handles default domains slightly differently:

  1. For the default domain:

    /usr/local/cyrus-sasl-*/sbin/saslpasswd2 -u '' -c username

  2. For a virtual domain:

    /usr/local/cyrus-sasl-*/sbin/saslpasswd2 -c username@virtualdomain

If you run salsdblistusers2 you'll probably find that the accounts in the default domain have inherited $(uname -n) as their domain. Don't worry, it is ignored.

If, on the other hand, you created username@$(uname -n) then it might not be ignored. SASL2 has its funny ways!

Warning

If you have shifted your mail service to a new box (with a new hostname) then the implied $(uname -n) for all the default domain entries will now come back and haunt you.

You can successfully authenticate as user@old-host.default.domain but that is now the wrong token for accessing mailboxes etc..

You will need to re-create all the default domain accounts.

Postfix

Tell postfix the account exists!

  1. In the default domain you

    1. don't do anything to create an account. Postfix doesn't know what accounts exist or don't. It'll find out when the delivery mechanism (Cyrus via lmtp) fails.
    2. create any aliases in /etc/mail/aliases

  2. In a virtual domain you need to:

    1. add the account to vmailbox:

      cat <<EOF >>/etc/postfix/vmailbox
username@domain dummy-value
EOF

    2. Create any aliases either in virtual or better in virtual_pcre

    3. [optionally] modify virtual_mailbox_domains in /etc/postfix/main.cf if it is a new virtual domain you've not seen before.

    4. Tell postfix about the changes!

      (cd /etc/postfix; gmake)

Document Actions