New account page

This page is used to create new accounts.

About Accounts

Accounts come in two types: Person accounts and Role accounts. The main difference between the two types is that Person accounts require a surname field and Role accounts do not. Thus, you would use a Person account for Ty Coon, CEO of MegaCorp but you would use a Role account for a generic "CEO" account (which is probably handled by an army of assistants rather than by Ty Coon himself).

Standard mail addresses like postmaster, hostmaster, and abuse are best represented by Role accounts. These might all deliver their mail to an administrator's personal mailbox, or they might have mailboxes in their own right, depending on the size of the organisation.

Account data

Name

This is the name of the person or role that the account is for. This field must be filled in, and should be the full name of the person or role.

Surname

If the account is for a real person, then their surname should go here. This field must be filled in for Person accounts. The surname should also appear in the Name field above.

Advertised mail address

This field is used for "directory enquiry" functions only. It tells an enquirer the address that should be used to send mail to the person or role that owns this account.

User ID

If the account will be used to store mail or to validate mail submission then a User ID will be needed. User IDs should contain only letters and numbers. User IDs must be unique across all domains on the system as they are used for logging into the mailstore which is shared by all domains. Once a User ID has been assigned to an account, it cannot be changed without deleting the whole account and all its stored mail.

New Password

Accounts with User IDs need passwords to validate their logins. This box always appears blank, but if an administrator fills it in then the value supplied will become the new password for the account. Thus, administrators can change passwords but cannot read them. Note that it is not possible to login to an account if the password has not been set.

Left-hand side of mail address

If the account is to receive or forward mail then this field must be filled in. It should contain everything to the left of the "@" symbol in the mail address. The right-hand side of the address comes from the domain that the account is in.

Forward mail to

If mail addressed to this account is to be forwarded on, then this field should be used to specify where it should go. One or more mail addresses can be specified, one per line.

SpamAssassin config

This allows you to tune the behaviour of the anti-spam system. Many SpamAssassin config items are valid. Here are some of the more useful ones:

required_score 4 - this sets the threshold score above which a message is marked as spam. 4 is very aggressive: most people probably want this set between 5 and 10. If not specified then the default value comes from the site-wide config file.
whitelist_from user@dom.ain - subtract 100 from the score of any mail that claims to come from this address. There is no check for forgeries so this can allow more spam through. Wildcards are allowed - '*' to match any number of characters and '?' to match exactly one. This item can be specified as many times as you need.
blacklist_from user@dom.ain - adds 100 to the score of any mail that claims to come from this address. Useful for getting rid of persistent marketing messages. Wildcards are allowed - '*' to match any number of characters and '?' to match exactly one. This item can be specified as many times as you need.

Pressing the Submit changes button will update the VDM system. If you added a UID to the account, a mailbox will be created automatically.

To abandon any changes you have made, follow the Return to account list link or use the browser's back button.

Some common recipies

A person with a simple mailbox

This is a very common type of account. Fill in the person's real name and their surname. Put the full mail address in the Advertised mail address field. Assign a User ID and New Password to allow them to login to fetch mail. Fill in the left-hand side of the mail address using everything before the "@" character from the full address. Leave the Forward mail to field blank.

Field	Example value
Name	John Smith
Surname	Smith
Advertised mail address	j.smith@example.org
User ID	corp271
New Password	m6cJ<h2Z&
Left-hand side of mail address	j.smith
Forward mail to

An alias that forwards mail to a real person

Suppose that John Smith is in charge of IT systems for example.org and needs to have mail for postmaster@example.org directed to the account that we set up above. This can be done with a Role account:

Field	Example value
Name	Postmaster
Advertised mail address	postmaster@example.org
User ID
New Password
Left-hand side of mail address	postmaster
Forward mail to	j.smith@example.org

A default mail recipient

Suppose John Smith wants to recieve all mail addressed to example.org whatever has been put on the left-hand side of the "@". This might be useful if the domain is a family one and he will download and print mail addressed to his children. (In practice it would be better to provide aliases for each child, as then the mail system could reject completely bogus addresses). This can be done with a Role account very similar to the alias example, though we will not provide an Advertised mail address as it does not make sense here.

Field	Example value
Name	Default
Advertised mail address
User ID
New Password
Left-hand side of mail address	%
Forward mail to	j.smith@example.org

An address that forwards to several people

Suppose our example organisation runs a helpdesk, staffed by three people. They all want to see all mail addressed to helpdesk@example.org

Again, this can be done with a Role account though there are potential problems with this approach. If the number of recipients is more than two or three, it is probably better to set up a real mailing-list or a shared mailbox in the mailstore.

Field	Example value
Name	Helpdesk
Advertised mail address	helpdesk@example.org
User ID
New Password
Left-hand side of mail address	helpdesk
Forward mail to	j.smith@example.org a.jones@example.org d.mahl@example.org

Delivering to Unix usernames

Most of the mail system has no connection to Unix usernames at all. If you need to deliver mail to a Unix mailbox (perhaps so that procmail can process it) then this must be done in the "base domain" - in our case, ourshack.com

At its simplest, this just means addressing mail to <username>@ourshack.com - no account data need be set up here. If you want mail from some other domain to go to a Unix account, just set up an alias in that domain.

Note that if you create an account in ourshack.com whose "Left-hand side of mail address" matches a Unix username then it will not be possible to deliver mail to that Unix username: the mail will be forwarded or delivered to the IMAP store according to the data in the VDM account entry.

If you want to have mail delivered to a Unix username but also take advantage of the SMTP authentication system, you must set up an account here. Set the "Left-hand side of mail address" to a value that does not match the Unix username. This will allow your procmail filter to deliver some mail to the IMAP store if you wish. Alternatively, leave "Left-hand side of mail address" blank and use cyrus-deliver in a procmail filter to deliver mail into the IMAP store.

Field	Example value
Name	Andrew Findlay
Advertised mail address	andrewf@ourshack.com
User ID	andrewf
New Password
Left-hand side of mail address	andrewf-imap
Forward mail to

VDM Help	Virtual Domain Manager
Not logged in