Why does DA use virtual accounts?

[Duboux]

Why does DA use virtual accounts ?
Or, better phrased:
Why is there a difference between the main user email-login-name & ftp-login-name and the other email & ftp accounts on that domain ?


For the people in front of the curtains this is really an annoying factor..
"welcome to xXxHost, your email and ftp details are... BUT, if you create other accounts, it will be..."
What must they be thinking =/

And I don't get it, because for example if we blocked the way people can connect to the server, using the ip instead of their domain, then their domain would actually be known, and they would just need to give their "short" username (domain excluded) as login.
(this all counts on mail, webmail and ftp)


Believe in: "Keep it simple for the enduser"


I now already create a default [email protected] address when I create a new user.
Perhaps I should make a forward from the [email protected] --> [email protected]
And create an extra ftp-account. So I can tell the user just to login with [email protected] for everything...

 

[floyd]

Why does DA use virtual accounts ?

Why is this posted in this thread? I think you need to create a new thread for this question. But the short answer is because using only regular system accounts is very limiting. If you need more its a good idea to start a new thread since this question doesn't have anything to do with "Uebimiau isn't secure, do you know that? Use Telaen."

 

[nobaloney]

I've moved Duboux's post, and floyd's reply to it's own thread. As floyd suggested, the post really belongs in it's own thread.

The longer answer is that if DirectAdmin didn't use virtual accounts for email and you had for example [email protected] you couldn't have an email account [email protected] or at any other domain. Virtual accounts allow you to have tom@any.example.com.

Duboux, you might want to consider changing the default welcome message text to say what you want.

Jeff

 

[floyd]

And if you had a system user named tom and a spammer wanted to spam tom at ever domain on that server then the user tom would get thousands of spams because he would get it by default unless [email protected] was mapped to another user.

 

[Duboux]

Aah, thanx, and thanx for the moving of the post


So how do other Control Panels do this ?

 

[nobaloney]

Most other control panels do it the same way.

Plesk is an exception. They rewrite their IMAP and POP3 daemons so that the login includes both the username and the password. Of course they don't allow you to have, for example, [email protected] and [email protected], both with the same password. You could log in with just jeff, but there'd have to be a different password for each Jeff.

Jeff