DoveCot vs Cyrus-Imapd Performance

Aleksandar Milivojevic amilivojevic at pbl.ca
Fri Jan 14 06:00:33 UTC 2005


Quoting Kevin Fries <kevin at hcico.com>
Date: Thu, 13 Jan 2005 16:21:12
> You just proved our point.

Not really.

> Why do I need to do any of that?
> 
> With Dovecot, WU, and Courier, it uses system accounts.  Not only
> that, Usermin allows the user to manage their own procmail/forward
> files empowering the user, and relieving me, as the admin, from having
> to do it.  Plus, the user does not need to have the ability to log on
> (restrict telnet, ssh, etc) for security reasons.

And exactly how scalable are user accounts (the ones stored in flat file called
/etc/passwd)?  That will not scale well.  Having Cyrus installation, and users
existing only in database such as LDAP, Kerberos and/or SQL scales well.  Even
without database, users that exist only in /etc/sasldb2 are far better solution.

With Cyrus users can manage their filters, vacations and forwarding using single
interface: Sieve.  Absolutetly no action needed on your part.

Therefore I do not see any difference between managing Cyrus IMAPD installation,
or any other IMAP server.  The only difference is job needed to take away shell
accounts from the users, and move them into Cyrus.  Once that is done, it
becomes easier.  There are no more thousands of shell acounts to manage.

Even if you insist on having shell accounts, .forward and .procmail files, and
what not, Cyrus can work with those too.  You are not going to take full
advantage of Cyrus, but it will work, and there are people out there that use it
that way.

> And how do the Cyrus tools interoperate with other tools?  The simple
> answer is they don't.  They are a bastard process that needs to be
> managed separately.  There are lots of ways to make the admin of the
> user accounts more complex in an attempt to make the overall
> administration easier.  Tools to place user accounts in LDAP and MySQL
> so the accounts can be reused for mail relay, pop/imap, but also ftp
> and web access, such as Webmin and Postfix Admin.  One admin tool to
> handle it all.  Dovecot, Courier, and WU will all work with that type
> of system, Cyrus does not.

It is very rare that I see a statement that is so far away from truth than the
above.

Cyrus uses LDAP, Kerberos, SQL, PAM, SASL or basically anything else you throw
at it.  In combination with SASL, it can use Kerberos the way it is intended to
be used, unlike some other implementations that can do it only through PAM (in
which case user's must type passwords -- which is not the way Kerberos is ment
to be used, if you are using it that way, you might as well use NIS or LDAP). 
Actually, since Cyrus never uses local shell accounts (except for
authentication, if that is the way you have choosen to configure it), that is
the only way to manage your users.  Therefore saying that Cyrus is closed in
itself is as far from truth as it can get.  It is far more open than other IMAP
implementations, because it is designed that way.  Of course, if administrator
(in his ignorance) chooses to place user information in separate database for
use exclusivly by Cyrus, that is administrator's decision.  It isn't the way
Cyrus is designed or ment to be used.

You want to use Webmin or Postfix admin, and manage users in LDAP database?  No
problem.  Just point Cyrus to your LDAP database, and it will be happy with it.
 Probably happier than Dovecot, and way more happier than wu-imapd.

> That is why people think Cyrus is more complicated to administer.

Actually, that was the reason why I wrote my first email in this thread. 
Complexity of managin Cyrus IMAPD is urban myth.

-- 
Aleksandar Milivojevic <amilivojevic at pbl.ca>    Pollard Banknote Limited
Systems Administrator                           1499 Buffalo Place
Tel: (204) 474-2323 ext 276                     Winnipeg, MB  R3T 1L7





More information about the fedora-list mailing list