Original page: http://linux.die.net/man/8/userdel

Name
userdel - delete a user account and related files

Synopsis
userdel [options] LOGIN

Description
The userdel command modifies the system account files, deleting all entries that refer to login_name. The named user must exist.

Options
The options which apply to the userdel command are:

-f, --force
This option forces the removal of the user, even if she is still logged in. It also forces userdel to remove the user's home directory or her mail spool, even if another user uses the same home directory or if the mail spool is not owned by the specified user. If USERGROUPS_ENAB is defined to yes in /etc/login.defs and if a group exists with the same name as the deleted user, then this group will be removed, even if it is still the primary group of another user.
Note: This option is dangerous and may leave your system in an inconsistent state.

-h, --help
Display help message and exit.
-r, --remove
Files in the user's home directory will be removed along with the home directory itself and the user's mail spool. Files located in other file systems will have to be searched for and deleted manually.
The mail spool is defined by the MAIL_DIR variable in the login.defs file.

Files
/etc/group

Group account information.
/etc/login.defs
Shadow password suite configuration.
/etc/passwd
User account information.
/etc/shadow
Secure user account information.
Exit Values
The userdel command exits with the following values:

0
success

1

can't update password file

2

invalid command syntax

6

specified user doesn't exist

8

user currently logged in

10

can't update group file

12

can't remove home directory

Caveats
userdel will not allow you to remove an account if the user is currently logged in. You must kill any running processes which belong to an account that you are deleting.

You may not remove any NIS attributes on a NIS client. This must be performed on the NIS server.

If USERGROUPS_ENAB is defined to yes in /etc/login.defs, userdel will delete the group with the same name as the user. To avoid inconsistencies in the passwd and group databases, userdel will check that this group is not used as a primary group for another user, and will just warn without deleting the user otherwise. The -f option can force the deletion of this group.

Well, I setup a linux vm at work running Ubuntu with a static ip and an internal domain (devteam.grp) to use for our source control and PM web app (Subversion with Redmine).

I also needed a mail server for sending and receiving mail for the devteam.grp domain. I wanted a mail server that could handle multiple domains yet have a simple installation; and the only thing that I fould was Citadel which was a very good but had way too many features for what I needed. Ubuntu has a package for it which made it easy to install but I ran into other issues afterwards.

• I wasn't able to send to external domains from localhost.
• I could only send mail to other local accounts from localhost.
• I couldn't receive any emails from the company email accounts.

I decided I didn't need to have the feature rich Citadel so I opted for the Dovecot/Postfix combination for pop3/imap and smtp. I ended up un/installing the pair a number of times over the last few days to figure out the problems through trial and error. A lot of the time was spent googling and some of the links that helped me in my search for a solution were:

• iptables - https://help.ubuntu.com/community/IptablesHowTo
• ufw firewall - https://help.ubuntu.com/8.04/serverguide/C/firewall.html
• Postfix SMTP relay and access control - http://www.postfix.org/SMTPD_ACCESS_README.html
• Selectively relaying emails using postfix - http://techsk.blogspot.com/2009/04/selectively-relay-emails-using-postfix.html
• Can't send mail through Postfix server - http://ubuntuforums.org/showthread.php?t=1128025
• Setting up SMTP Authentication over TLS with Postfix - http://rene.bz/node/4
• Basic Postfix configuration and preparation for SMTP AUTH - http://postfix.state-of-mind.de/patrick.koetter/smtpauth/postfix_configuration.html

My fix was to:

• Completely uninstall Dovecot and Postfix including configuration files.
• Flushed the iptables (iptables -F) and allowed all access for now then configure it later.
• Disabled the firewall (ufw - enabled it later and only allowed access to the required ports).
• Made sure there was an MX record for the mail server.
• I had to get the network admin to allow relays for the domain (devteam.grp) in MS Exchange.
• Reinstall Dovecot from Synaptic Package Manager in Ubuntu (dovcot-common, dovecot-pop3d, dovcot-imapd and dovecot-postfix packages)
• In the /etc/postfix/main.cf config file, I made sure that the "mydestination" parameter contained my domain name (devteam.grp) as well as the computer name (along with the other defaults). I also placed all the company domains in the "relay_domains" parameter.

Here's my config:
##########################################################

# See /usr/share/postfix/main.cf.dist for a commented, more complete version

# Debian specific:  Specifying a file name will cause the first
# line of that file to be used as the name.  The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname

smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

readme_directory = no

# TLS parameters
smtpd_tls_cert_file = /etc/ssl/certs/ssl-mail.pem
smtpd_tls_key_file = /etc/ssl/private/ssl-mail.key
smtpd_use_tls = yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.

myhostname = fcsbungaydevlinux
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = devteam.grp, fcsbungaydevlinux, localhost.localdomain, localhost
relayhost =
relay_domains = $mydestination, company1.ca, company2.grp, company3.ca
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
home_mailbox = Maildir/
smtpd_sasl_auth_enable = yes
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/dovecot-auth
smtpd_sasl_authenticated_header = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain = $myhostname
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_unauth_pipelining, permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
smtpd_sender_restrictions = reject_unknown_sender_domain
mailbox_command = /usr/lib/dovecot/deliver -c /etc/dovecot/dovecot-postfix.conf -n -m "${EXTENSION}"
smtp_use_tls = yes
smtpd_tls_received_header = yes
smtpd_tls_mandatory_protocols = SSLv3, TLSv1
smtpd_tls_mandatory_ciphers = medium
smtpd_tls_auth_only = yes
tls_random_source = dev:/dev/urandom
########################################################## 

In the /etc/dovecot/dovecot-postfix.conf file, I set the "protocols" to "pop3 imap" and the "disable_plaintext_auth" to "no". I didn't make any other changes.

It seems like such a quick thing to setup now that I write down my process but it took a while to figure out what needed to be done in the first place LOL

The only problem I'm having right now is that mail I send from my company email on the network to devteam.grp is returned undeliveralbe:

 
This message was created automatically by the SMTP relay on mail.company1.ca.
  
A message that you sent could not be delivered to all of its recipients.
The following address(es) failed:
 
  santosh@devteam.grp
    Unrouteable address

Strange thing is that another company domain on the network don't have this problem.  Well it's not quite that strange; we've got multiple MS Exchange servers setup for the various company domains and it's probable that the relaying on exchange server for company1.ca hasn't been configured.

I think RC's (one of our network admins) going to get sick of all my emails