Email has become the crux of communication, both in business, and in many cases our personal lives. At the same time, computers have become pervasive, with many people having an office machine, home machine(s), and perhaps a laptop. Add to this personal and business email accounts, with retrieved mail scattered across these various machines and you’ve got quite a mess.
Traditionally, Unix-based systems have provided POP servers for users to retrieve email. The user logs into the POP server with their username and password, then retrieves their mail. Many mail clients do offer the option of leaving the mail on the server, so if you retrieve your office messages from home or while on the road, you can still leave them there on the server for access from the office. Now the problem is that you’ve got a mix of messages, both at home and on the server, some on both machines.
There are a few other problems with this approach:
- Users need an account on the mail server machine.
- Passwords are passed in clear text.
- Users may need setup help in setting up the myriad of mail clients and OS’s.
A different way to approach the problem is to setup an IMAP-based mail solution. IMAP (Internet Message Access Protocol) is an Internet standards-track protocol for accessing messages.
- Users do not need an account on the mail machine (in some cases).
- Passwords/email can be passed through an encryption layer (again for some servers).
- With some additional software, users can access their mail from a web browser from any OS.
There are two main IMAP servers available for UNIX style OS’s. The Carnegie Mellon University’s Cyrus server and the University of Washington server. The former offers a security layer, while the latter is a bit easier to setup. The Cyrus server also uses it’s own mailbox database, which is more efficient for a large number of users, whereas the UW server uses normal Unix mailboxes so it can co-exist with other mail services. The Cyrus server also does not need the users to have login accounts on the mail server.
My original intent was to setup the Cyrus server, as it handles encrypted connections, but even though the software built fine on 2 different machines I tried it on, the imapd daemon would fail whenever one would try to connect to it. Instead I’m going to outline setting up the University of Washington IMAP server, as well as a web based mail client called SquirrelMail.
Although we’ve lost the ability to have mail users without login accounts, a simple way to disable the login account is to set the user’s shell in /etc/passwd to /bin/false:
If you happen to be providing other services with Samba or Netatalk, this should prove to be an acceptable solution.