[Samba] Postfix and Samba best practice

Kevin Bailey kbailey at freewayprojects.com
Mon Mar 16 10:41:22 GMT 2009


We have a server which is going to be a Samba file server and a Postfix 
server where the users will access their mail over IMAP.

We normally prefer to use Maildir storage as it seems to be recommended 
over mailbox - for me, for example, I am subscribed to a dozen or so 
lists and have tens if not hundreds of thousands of emails on the 
server.  The combination of Postfix and Courier-imap has worked 
perfectly for a couple of years.

So - in /etc/postfix/main.cf we set

mailbox_command = /usr/bin/procmail -a "$EXTENSION" 

to put the mail under my home directory and to enable procmail to work.  
(I can then use procmail to sort mail into subdirectories etc).

Now, if I set up Samba as default on Debian it shares out my home 
directory to Windows clients.  If I allow the viewing of hidden files 
then the .Maildir directory shows up on Windows where it can be explored 
or even deleted.

In my case it's not a problem because I won't (intentionally) delete 
that folder - but we're setting up a server for a client with normal users.

So, we want to separate the Maildir from the directory being shared out 
over Samba.

My question is this:

Is it better to store the mail somewhere else entirely - i.e. 
/var/mail/users or something or a new home directory (/home/mailstorage) 
or something?  In which case how best to set up permissions?  It seems 
that when the mail is stored it gets the username as the owner:group.  
This should mean that logging in over imap should allow that user to 
read/manipulate mail.

Or should I try to share out a different directory via Samba.  I.e. 
Leave the mail in /home/username/.Maildir and get Samba to share out 
/home/username/samba for example?

Obviously, I can bodge this around with permissions etc but would prefer 
any links to best practice so that we can implement the best way on all 
future installs.

BTW - I've (sorry!) cross posted this to the Samba/Postfix list to see 
what both sides say - hope that's OK.



