[Dovecot] Securing mailboxes and passwords

Daniel Aleksandersen aleksandersen+dovecot at runbox.com
Wed Feb 25 03:56:39 EET 2009


Sendt: Wed, 25 Feb 2009 01:36:00 +0100 (CET)
Fra: "Daniel Aleksandersen"
> Sendt: Tue, 24 Feb 2009 19:11:43 -0500
> Fra: Timo Sirainent
> > On Wed, 2009-02-25 at 00:38 +0100, Daniel Aleksandersen wrote:
> > > Sendt: Wed, 25 Feb 2009 00:29:17 +0100
> > > Fra: Pascal Volk
> > > > On 25.02.2009 00:25 Daniel Aleksandersen wrote:
> > > > > The recepie assumes I have a group called secmail. I don’t. Am I supposed to create
> > > > > a special group for this purpose?
> > > > 
> > > > Yes, if the group does not exists, you have to create it. You could call
> > > > it whatever you want.
> > > 
> > > I created the group and set the permissions to deliver as described in the recepie. I
> > > then added just about every user to that group.
> > 
> > No, don't do that. The point of it was to make deliver executable only
> > by your MTA, no one else. If other people were able to execute it, they
> > could gain root privileges.
> 
> I started added other users just to troubleshoot the problems I have been havnig.
> It did not work anyways, so I have removed other users from theat group.
> 
> The permissions still must be 777 or dovecot starts throwing permission errors.
> 
> I have tried a variety of other permissions including 677, 767, 776. All fail but 777.

ps -ef|grep exim shows that exim is run by user 101. A look into /etc/group reveals
the user as libuuid. Debian-exim is user 103. Could this be what is causing my
problems? How do I change what user exim is run as?
-- 
Daniel


More information about the dovecot mailing list