# Dovecot, virtual accounts and Kerberos



## BlueCoder (Jun 3, 2013)

I would like to authenticate IMAP with Kerberos. I can understand Kerberos working with just mapping the re*a*lm to plain usernames: user1 is user1@INTRANET. It just maps the re*a*lm for all accounts. But how can you map for accounts with domain names?

Seems to me you would need a database to map accounts to lists of acceptable Kerberos users that can access the account.


```
[email]user1@server1.local[/email]:bob@INTRANET
```


----------



## AndyUKG (Jun 6, 2013)

I would guess you need to have a Kerberos realm for ever domain you require email for. As this is Dovecot specific I'd ask on the Dovecot mailing lists...

Andy.


----------

