Re: [webmin-l] Virtualmin Professional

[Craig W. <cra...@az...>]

On Thu, 2005-09-15 at 17:01 -0500, Joe Cooper wrote:

> 
> > - Better LDAP management/integration
> 
> Currently, the Virtualmin LDAP support is limited to a couple of 
> specific use cases, which cover what we've had people request 
> specifically...but not all LDAP use cases.  In short, users and
groups 
> in LDAP are supported, and QMail+LDAP is supported for mail users and 
> aliases (though I should note that Virtualmin Professional bundles 
> Postfix, and QMail will never be an included package for Virtualmin 
> Professional--so, technically, this use case doesn't apply to
Virtualmin 
> Professional unless you jump through a few hoops to replace Postfix
as 
> the mail server).  We have an open wish in the bug tracker to add 
> support for Postfix+LDAP for aliases and other stuff.  It is likely
it 
> will happen in the next couple-few weeks, as it isn't a huge task and 
> LDAP is popular in some types of mass-hosting environments.
> 
> If anyone has any specific use case examples of using LDAP in a
virtual 
> hosting environment, I'd certainly like to hear about it.  Specifics
are 
> much easier to develop for than generic "more <feature>" goals.
> 
> > - Better Cyrus integration - especially because cyrus-imapd is such
a
> > natural for virtual users/virtual domains
> 
> We won't be supporting Cyrus, I'm afraid, unless there is real 
> widespread customer demand for it.  We've chosen Dovecot as our 
> IMAP/POP3 server.  I know of no compelling reason to support Cyrus
over 
> Dovecot, but I'm willing to be wrong.  I've tried them all, and
Dovecot 
> is a gorgeous example of elegant design applied to a mundane but 
> absolutely necessary task...very fast, zero maintenance, extremely 
> reliable, historically very secure, supports LDAP (and SQL if someone 
> were sick enough to go down that path for mail), and standards 
> compliant.  And it works great for virtual hosting environments with
a 
> lot of flexibility.
> 
> > - Support for Sieve editing by users
> 
> Never touched it, though it sounds nice in theory.  We've got 
> comprehensive Procmail rule editing support--but it is extremely 
> intimidating for normal users (even some PhDs I know are afraid of 
> Procmail).  However, I have a hard time imagining that normal users 
> would find any kind of comprehensive Sieve editing any less
intimidating 
> than the current Procmail interface.  Sieve just doesn't look like a 
> user-level solution for anyone other than you and I and people like
us. 
>   My mom will never use Sieve directly and it would be madness for me
to 
> try to convince her to use it directly.  Since we can put an
easy/safe 
> GUI on either Procmail or Sieve, it's irrelevant to the end user what
we 
> use.  What it comes down to is that direct editing of a text-based
email 
> processing rules language is just not something normal users are
going 
> to do.
> 
> Something a customer suggested that I think would be nice is import
of 
> existing filters from Mozilla or Outlook.  Though, because these
things 
> are stored way deep down in the users home directory and offer no 
> "export" feature, it would be quite ornery to actually walk a user 
> through the process of finding their filter file and uploading it. 
> Maybe we just need to emulate the filter creation model of
Thunderbird 
> and/or Outlook, so that users can create filters in Usermin using an 
> interface they already are familiar with.  Whether it generates Sieve 
> rules or procmail rules is somewhat irrelevant to the user.  I think
in 
> this case, Sieve would be a solution looking for a problem, since we 
> already have a mail rule processor in place for mail that is more 
> powerful (of course, Sieve is less powerful by design--but we can 
> restrict access to the power of procmail as needed, while we can't
make 
> Sieve more powerful as needed).
> 
> In short, I don't see what our non-computer nerd users could possibly 
> gain by having Sieve support.  They definitely need filter
configuration 
> (which is not very easy to use in Usermin currently, I will concede), 
> but what language those rules are written in is wholly a question for 
> the software developer...not the end user.  The end user should never 
> have to see a programming language, even one that is as simple as
Sieve. 
>   For you and me, Sieve would be awesome.  For Virtualmin users, it 
> would be as pointless as the Procmail interface in Usermin currently
is.
> 
> But, again, I'm willing to be wrong.
> 
> > Not that I haven't been able to make good use of webmin but I have
> > pretty much eschewed usermin in favor of Horde 3/IMP 4/Ingo etc.
because
> > it fills the gaps of Sieve/IMAP and a much more robust webmail
> > interface.
> 
> Define "robust"?  What's missing from Usermin's webmail that makes it 
> less appealing to you (other than IMAP and Sieve, if anything)? 
> Whatever it is we'd like to address it.  ;-)
----
I'm going to try to keep this a little more tightly defined as you have
enough on your plate.

Much of my point involves 'real users' vs. 'virtual users' - Those with
a shell and a home directory and those that don't have a shell or a home
directory. The user db being /etc/passwd or sqldb or sasldb or ldap db

Sieve - If you were familiar with Horde/IMP/Ingo in it's current
incarnation, you would understand. It's virtually out of the box set up
so that users can maintain their own filters, set their own vacation
replies, blacklists, whitelists, and 'fileinto' folders. Unlike
procmail, user doesn't need to have a shell account at all.

I used procmail for a few years and I liked it. Ingo (part of the Horde
project) does interface with it and is probably the best example I have
seen of making procmail user friendly. When I migrated to cyrus-imapd,
sieve was part of the migration and it's simple enough - in fact, not as
powerful as procmail but it has none of the overhead of procmail either.

Cyrus - LDAP - virtual users, no shell account whatsoever. Mailstore is
complete in it's own tree and not spread in user directories. Virtual
users don't have home directories to maintain. Cyrus scales - with it's
murder architecture, you can spread the load among servers. Cyrus has
shared mailboxes, public mailboxes, quotas. Dovecot - for all it's
features clearly isn't in the same league.

I have to believe that you have chosen dovecot for your pop/imap server
because you really aren't familiar with cyrus-imapd (or ldap).

I guess when I see so many large installations of universities and
corporations using cyrus-imapd, horde/imp, it seems to be an indication
of their assessment of the performance, scalability and feature sets
that some people do want.

Now if your target is the virtual hosting companies serving 15-30
domains and 500-3000 users, perhaps these issues are less important.

This of course, represents my own limited view and it's clear to me that
you and Jamie have given this a lot of thought and have quite a lot more
experience among you both than I have (by a very large margin). And of
course, you can adapt over time anyway.

Craig

ps - if you would like to see a cyrus/sieve - horde/imp/sieve/(more)
installation, I could create a login account for you at one of my
clients systems.


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.