[Dovecot] Dovecot "deliver" with multiple UIDs (security question)

Buzai Andras buzai.andras at gmail.com
Sat Jul 10 12:30:19 EEST 2010


Hi all,

I have a question related to using the Dovecot LDA (deliver) with a multiple
UID setup as described on the http://wiki.dovecot.org/LDA page in the
"Multiple UIDs" section.

I run Postfix (virtual mailboxes) + Dovecot using multiple UIDs (one UID per
virtual domain owner).
I configured Postfix to use Dovecot Deliver for the virtual transport.
To overcome the problem of multiple UIDs I used the solution described on
the http://wiki.dovecot.org/LDA page in the "Multiple UIDs" section.
I used the "sudo" solution as described on the page.
I only call the deliver with sudo from inside Postfix and the sudoer user is
only allowed to sudo on the deliver binary.

My question is:
Is this solution secure? Can It be used on a production environment?
What exactly happens in the background from the time I call "deliver" with
sudo, to the time the delivery is finished?

The configuration works. The emails get delivered but I am concerned about
the security of this setup :(.


Thank you,

Buzai Andras


More information about the dovecot mailing list