[K12OSN] OT: quote on file / mail server
rowens at bio-chemvalve.com
Thu Jun 28 12:42:36 UTC 2007
I've answered your questions inline below.
Another thing I should mention: I need to accommodate users who travel
with their laptops. We have a terminal server that they can connect to
through a gateway that the parent company sets up, and they'll use the
mail client on that machine to get their email. I need to keep that
machine sync'd with their local machine. I assume IMAP is the way to do
this. I'm struggling a bit, though, with the specific mail client
settings to allow them to keep a local copy of their email (something
like MS's "cached exchange mode").
Thanks for all the advice.
John Lucas wrote:
> I can't give you a quote, but perhaps I can suggest an approach. You need to
> decide on a strategy.
> There are probably several ways to accomplish what you want, but you first
> need to state your needs more precisely:
> - what email clients do you intend to support?
Thunderbird, mainly. Outlook would be nice, in case any users are
particularly attached to it. Other than that, it would be free email
clients for Linux (possibly Evolution)
> - are there other "groupware" (beyond email) needs?
The only other thing we use that could be considered groupware is
perhaps the global address list.
> - how flexible is your AD (Active Directory) admin?
I am the AD admin. We do a lot of outsourcing of our IT, though, which
is why I stated that it may be a good idea to keep Active Directory.
I'm starting to reconsider that, though.
> What I might do if *only* email is required and there were some freedom of
> choice of MUA (Mail User Agent):
> - extend AD to support Posix/Unix LDAP schema
> - set up CentOS (my choice) to authenticate via LDAP via AD
> - install/configure Postfix to use LDAP (from AD)
> - install Dovecot (IMAP server)
> - modify imap pam configuration to add "pam_mkhomedir.so"
> This would allow the use of any IMAP email client (KMail, Thunderbird,
> Evolution, Outlook Express, Squirrelmail etc.). All user creation would be
> handled in AD.
> I would also add "clamsmtp" to the Postfix configuration to use "clamav"
> anti-virus scanning. "Defense in depth" is a good idea, it doesn't hurt to
> run the mail through more than one scanner. The more diversity in scanners,
> the less likely a single virus will get past all of them.
> The single largest potential obstacle to this approach is to get the AD admin
> to modify the AD configuration to support Posix/Unix LDAP schema. If you
> can't get them to do this, then this approach is a non-starter. The steps
> aren't difficult and are covered step-by-step in chapter 9 of "LDAP System
> Administration" by Gerald Carter.
I'll have to read up on this. Thanks for the info.
> This is a political, rather than a
> technical, problem.
> One final thought: Do you need to run your own mail host? You might be able to
> use one already running within your organization *or* you might find the
> moderate expense of using "Google Apps" useful. Either approach would
> eliminate the expense of running/administering/upgrading another server.
I'd like to give them a local mail server. There is the option of
letting them use my mail server (in the US), but then if my internet
connection goes down, they have no email. That's happened to us before
with another shared server, and it made everybody unhappy.
More information about the K12OSN