I run multiple domains on this machine, mostly for myself and friends. I set it up so I could easily host a new domain, with various capabilities, and give a friend the ability to administer most of it.
Get a new IP address from my ISP meer.net and let them do the reverse DNS for the domain. This will be used for the virtual hosting of the Apache web server and the WU-FTP server.
Set up DNS for various aliases on that IP address - domain.com, www.domain.com, mail.domain.com, ftp.domain.com, etc. I do my own primary, and use Granite Canyon as a secondary.
Create a user to manage the domain, get all the mail, and manage the web pages and ftp site. I use procmail as a delivery agent (the RedHat default) and stick everything directly into a Cyrus IMAP server. The domain user can then use ImapFilter to forward, filter, etc. This user can also create mailing lists, using a customized version of SmartList.
Set up Sendmail to handle the domain. Basically this means editing the virtusertable to send all mail to a domain user, and adding the domain to sendmail.cw.
If a friend just wants MX forwarding (usually because they have a domain registered with Granite Canyon), then I just add them to virtusertable and sendmail.cw.
If a friend just wants an account to play with, I create one in basswood.com, and explicitly set their email in virtusertable. I also create them an IMAP mailbox on the Cyrus server.
If somebody wants to screw around with their Apache config, I set up a way for them to restart Apache without needing root access. All of the web sites share one Apache instance, vhosted by IP address. Their individual config files are included from their home directories. If the config file is screwed up, Apache won't load the new config. The only problem is if the machine crashes, and one of the config files is invalid, then I have to fix it manually before Apache will start up.
I pretty much let people put stuff in /usr/local/... wherever they want, so they can build and install apps themselves.
I don't give friends root access, but I do allow them pretty free rein. As long as they don't abuse the CPU or bandwidth too much.
Sample virtual IP file
InterNIC record lists Granite Canyon as 1 and 2, but Granite Canyon is a secondary for domain
Sample DNS root file and domain file
Sample Apache root config and domain config
Sample FTP root config
Sample Sendmail.cw and virtusertable with makehash command
Sample domain user home directory with explanation