Courier is managed by Puppet class `hcoop::service::mail::courier` == Notes == * Members authenticate using PAM and therefore read mail as their normal user * VMail users gain tokens via `/etc/courier/get-token` and a local modification to the courier `authuserdb` method * Default generated Debian dh_parameters are OK as of Debian Stretch (3072 bits) == nopag == At least through Debian Stretch, courier needs to run with nopag so that vmail users would have tokens, using the following pam config: {{{ # PAM configuration file for Courier IMAP daemon #@include common-auth #@include common-account #@include common-password #@include common-session session required pam_afs_session.so debug nopag always_aklog auth required pam_krb5.so debug auth required pam_afs_session.so debug nopag always_aklog account required pam_krb5.so }}} Using standard PAM config seems to work in ''some'' cases, but fails most of the time. ---- CategorySystemAdministration