[Dovecot] When should dictionary entries for the expire plugin be added/updated?
Timo Sirainen
tss at iki.fi
Wed Aug 25 16:03:08 EEST 2010
On Wed, 2010-08-25 at 13:00 +0200, Ralph Seichter wrote:
> On 25.08.10 01:52, Timo Sirainen wrote:
>
> > Mail processes connect to dict socket, so all mail users executing
> > mail processes need to have access to it.
>
> Just as I thought when I configured "mode = 0666". I am uneasy about
> userA being potentially able to modify dict entries of userB.
Do you have system users? The group way I mentioned would avoid problems
with them, but of course not security problems related to Dovecot
processes themselves.
> One can
> already define per-user sieve scripts in Dovecot 2.0, and I wonder if
> you have considered per-user dictionaries?
Well, the whole point of expire database is that a single command can
quickly see what users have mails to expunge. So this needs to be a
shared dictionary across users.
Of course, having some kind of user authentication would be nice across
Dovecot processes.. But I'm not sure if there's a way to make that work.
More information about the dovecot
mailing list