Hi all,
I have a question related to using the Dovecot LDA (deliver) with a multiple UID setup as described on the http://wiki.dovecot.org/LDA page in the "Multiple UIDs" section.
I run Postfix (virtual mailboxes) + Dovecot using multiple UIDs (one UID per virtual domain owner). I configured Postfix to use Dovecot Deliver for the virtual transport. To overcome the problem of multiple UIDs I used the solution described on the http://wiki.dovecot.org/LDA page in the "Multiple UIDs" section. I used the "sudo" solution as described on the page. I only call the deliver with sudo from inside Postfix and the sudoer user is only allowed to sudo on the deliver binary.
My question is: Is this solution secure? Can It be used on a production environment? What exactly happens in the background from the time I call "deliver" with sudo, to the time the delivery is finished?
The configuration works. The emails get delivered but I am concerned about the security of this setup :(.
Thank you,
Buzai Andras