ispCP - Board - Support
Possibility to use Postfix + Omega without sasldb - Printable Version

+- ispCP - Board - Support (http://www.isp-control.net/forum)
+-- Forum: ispCP Omega Development Area (/forum-1.html)
+--- Forum: Suggestions (/forum-2.html)
+--- Thread: Possibility to use Postfix + Omega without sasldb (/thread-394.html)



Possibility to use Postfix + Omega without sasldb - DPR - 04-16-2007 11:47 PM

I have a few questions:
as far as I can see, Omega needs the sasldb auxprop Plugin in connection with Postfix, correct ? I.e. there's a sychronization between the mySQL DB needed which means it uses saslpasswd to create and modify the sasldb - where all users and passwords are stored again ?!

This doesn't make any sense for me because we could also use the mySQL auxprop plugin to authenticate directly via the DB ! Which would make the synchronization completely unnecessary.

DPR


RE: Possibility to use Postfix + Omega without sasldb - soringo - 04-17-2007 03:07 AM

Yes..I agree ...I have a sort of conf for that...tested with dovecot witch I like more than courier.....

Notice...for use dovecot-pop, imap and even sasl for smtp-auth you have to use postfix.2.3


RE: Possibility to use Postfix + Omega without sasldb - Donni - 04-18-2007 12:17 AM

Sorry, but I disagree with you both. Authenticating via a db is overkill if you are running a mailserver with high load. I prefer using the standard maps since performance and stability are much better. I see that it could be more comfortable to authenticate with MySql directly but I think the best solution would be if the admin of the server can decide wheter to use direct mysql authentication or the standard hash files.


RE: Possibility to use Postfix + Omega without sasldb - DPR - 04-18-2007 01:05 AM

Donni Wrote:Sorry, but I disagree with you both. Authenticating via a db is overkill if you are running a mailserver with high load. [...]
I doubt that the sasldb method with a file scales better than a mySQL DB if you do have a lot of users.
But you're absolutely right, everyone should have the possibility to choose which method you want to use. That's all I wanted to say Smile

I will open a ticket for this !


RE: Possibility to use Postfix + Omega without sasldb - ephigenie - 04-18-2007 01:59 AM

i told you before that this makes only sense after we changed the whole way information regarding mail is stored in ispCP Omega...

The current ERD does not allow such things.
In fact speaking of an ERD does not really fit the current database Tongue


RE: Possibility to use Postfix + Omega without sasldb - Donni - 04-18-2007 02:23 AM

DPR Wrote:I doubt that the sasldb method with a file scales better than a mySQL DB if you do have a lot of users.
I must admit that I don't havemuch experience with *really* huge mailservers but let's see what the "real professionals" say Wink
Here is an excerpt of "The Book of Postfix":
Quote:The principal difference between a database map and an indexed map is that you do not need to restart a daemon when there is a change to the database. [...] The drawback to this approach is that the database may not be able to handle the number of queries gracefully, because Postfix needs to perform al least three queries for each lookup in a map [...] Under heavy load, the databse backend could stop working, and your mail service would be vulnerable to a self-induced meltdown or a denial-of-service attack. This possibility should not prevent you from using database backends, but you should be aware of the risk.
[...] latency can be another problem. Database queries have a higher latency than indexed maps because Postfix must connect to the database, send the query, and then wait for the result. With an indexed map, Postfix has only to consult data that is already loaded in memory. [...]

But I fully agree that it would be cool to choose wether to use indexed or database maps (at least one day Wink).


RE: Possibility to use Postfix + Omega without sasldb - DPR - 04-19-2007 05:04 AM

Donni Wrote:But I fully agree that it would be cool to choose wether to use indexed or database maps (at least one day Wink).

I'm not talking about the whole postmap thing ... I'm just talking about the authentication methods ... your quote only references the whole mail-domain-handling things !