[Fedora-directory-users] mailing lists , FDS , WinSync

Wed Sep 21 05:53:01 UTC 2005

Hi John
That was the best reply i ever got for a post on a forum.
Thanks a million.
I'll do a deeper study into all these before i proceed.
Regards
Nabeel
On 9/20/05, John Dennis <jdennis at redhat.com> wrote:
> 
> On Tue, 2005-09-20 at 21:58 +0530, Nabeel Moidu wrote:
> > I would be satisfied if the mailing lists can be maintained seperately
> > using its own list while the users are stored in the directory server,
> > but the only issue is when the mail server receives a mail, an ldap
> > lookup by the Spam Firewall (We use Barracuda here) shouldn't result
> > in it rejecting it as an invalid user since the lists are maintained
> > seperately.
> > Can this situation be overcome anyhow?
> >
> > And as for the LDAP module you will be releasing , Will it be for
> > storing the lists completely in the ldap server?Can the list entries
> > map to the existing user account in the LDAP server?
> 
> FWIW, I also maintain cyrus and dovecot at Red Hat.
> 
> I think you may have some concepts confused, let me see if I can
> explain.
> 
> The MTA and the IMAP server at your site manage what I'll term "local
> users". In other words their accounts, mail storage, aliases, etc. are
> under your control.
> 
> However a mailing list manager such as mailman does not necessarily
> manage local users, in fact its often the case the members of a mailing
> list hosted at your site are mostly foreign users. For instance if your
> site hosts a mailing list called "announcements" you might have people
> subscribed to that list from all over the world. It is true that some
> sites hosting mailing lists only permit local users to join their lists
> but that is somewhat orthogonal to the discussion of user and list
> management at the LDAP level. In summary, the members of a mailing list
> hosted at your site are arbitrary email addresses.
> 
> However, what is local to your site with respect to the mailing list is
> the list email address (e.g. annoucements at mycompany.com). Mail arriving
> at your site for the mailing list and mail departing your site for the
> mailing list is only ever as a "list address", individual users who are
> members of the mailing list are never seen by your MTA (I'm playing a
> little fast and loose for simplicity here, but this is essentially a
> true statement). Your MTA will need to know about the existence of the
> list address so it can deliver and not reject the list as an unknown
> user. This is done by adding the list as an alias. In fact mailman has
> nice support for postfix, when mailman creates a new list it
> automatically adds the list alias to postfix's aliases. Mailman is not
> even aware that postfix is managing its aliases via LDAP, you configure
> postfix to use LDAP for its aliases.
> 
> One minor caveat about mailing list aliases, there are several for each
> mailing list which exist to handle bounces, requests, etc. but you're
> pretty much shieled from having to know any of this.
> 
> When your mailing list wants to send messages out to the list it invokes
> your MTA for every email address that is in the mailing list. Some of
> those email addresses will be local, some will be foreign. But once
> again you don't need to know or want to know that distinction, your MTA
> handles it automatically. If some of the address happen to be local the
> MTA will figure it out (postfix can be configured to do this via LDAP
> lookup of your local users). If your MTA determines the user is local
> then it makes a local delivery.
> 
> If you are using IMAP then your MTA will deliver the mail to the IMAP
> server. Just like your MTA your IMAP may be configured to use LDAP to
> look up information about your local users, in fact its probably a good
> idea if you're usings LDAP for your MTA and other system based local
> lookups (e.g. nss).
> 
> The key point here is only your MTA and your IMAP server care about
> local users. A mailing list is a special case of a local user. Take care
> to note here I said the mailing list, which as far as your MTA is
> concerned is a black box. The members of that mailing list have no local
> lookups unless a member happens to route locally and only then will it
> become an MTA/IMAP issue (and at that point the mailing list is no
> longer in the picture).
> 
> Thus when it comes to mailing lists you don't want to intermingle local
> users and list members and by extension the mailing list itself is
> independently maintained. Local users and mailing lists are really two
> seperate things.
> 
> On the other hand, if you're setting up virtual users (people who don't
> have system accounts only an email account) there are a few extra steps,
> but essentially its the same thing. For simplicity I've omitted any
> discussion of virtual domains as well, but fundamentally the concepts
> are the same, just one extra level of indirection.
> 
> I hope this explains things. Make sense?
> 
> I expect to post the LDAP support for mailman in the source forge
> mailman patches site within about a week. Please be aware you will find
> an existing LDAP module there, but its quite incomplete and only usuable
> in limited circumstances.
> 
> To further clarify, when mailman is configured to use LDAP its ldap
> entries belong to mailman only. It will never lookup up anything outside
> of its own ldap tree.
> --
> John Dennis <jdennis at redhat.com>
> 
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/fedora-directory-users/attachments/20050921/9235d85d/attachment.htm>