[Dovecot] invoking LDA in .forward
Timo Sirainen
tss at iki.fi
Mon Mar 10 11:12:34 EET 2008
On Mon, 2008-03-10 at 10:05 +0100, Jeremie Bouttier wrote:
> Timo Sirainen a écrit :
> > How about just setting /var/mail 01777?
>
> I believe this allows any user to create /var/mail/anotheruser if it
> does not exist yet. We have several hundred accounts and new ones
> regularly created, so this is a risk (that could perhaps be mitigated by
> creating the inbox at the same time as the account ?). Also the Debian
> policy specifies that /var/mail be 2775, not that it is sacred to me,
> but since there are other Debian-packaged MDAs/MUAs on the system I'm a
> bit wary about changing that.
>
> A possibly simple solution (and wishlist item) would be that deliver use
> an external dotlocking program if needed (dotlockfile, mlock...).
I did think about external dotlocking program, but that's kind of kludgy
as well. At some point I'd want to create a LMTP server and deliver
would normally be a simple LMTP client (but optionally deliver
directly), so the server could handle all this permission stuff. But
it's going to take a while.
So .. I don't think there's going to be a solution for this for a while,
at least not from me. How about just delivering mails to ~/mail/inbox
and everything would work fine without special privileges?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://dovecot.org/pipermail/dovecot/attachments/20080310/2eb28833/attachment.bin
More information about the dovecot
mailing list