[Dovecot] Comments about LDA wiki page
holmgren at lysator.liu.se
Thu Nov 30 15:25:48 UTC 2006
I've just tried out Dovecot LDA. The reason I didn't want to use it before was
that I found it unnecessary together with Exim, plus I wanted to use Exim's
filtering. But now I wanted to see if can notice any improvement when the
indexes are updated on delivery, and I saw that it's possible to use Exim
filters and pass the resulting folder with -m.
Now, correct me if I'm wrong, but IIUC some corrections, improvements, and
comments could be made on http://wiki.dovecot.org/LDA.
In the "Site-wide setup" section (and in dovecot.conf) it's suggested that
access be restricted to the master socket somehow. The first Exim example
("System-users"), however, requires a world-writable socket. Uncomment "group
= mail" and deliver will complain that setgid() fails. In this situation,
the "-d $local_part@$domain" is unnecessary because then deliver will use the
name of the user it's running as (it should probably have been just "-d
$local_part" anyway). However, if deliver is run by root (which is by default
impossible under Exim) or setuid root, then a destination user is mandatory.
Oh wait, without -d the auth socket isn't used at all, only the HOME
environment variable and default_mail_env are. Well, it shouldn't matter much
if you're running a standard pam/passwd setup, but with a more complicated
non-virtual setup I see only four solutions: Make deliver setuid root, remove
root from the compiled-in FIXED_NEVER_USERS list, run deliver as a user/group
that has write access to all mailboxes, or make the master socket
Magnus Holmgren holmgren at lysator.liu.se
(No Cc of list mail needed, thanks)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: not available
Url : http://dovecot.org/pipermail/dovecot/attachments/20061130/ccb91cd0/attachment.pgp
More information about the dovecot