When setting up dsync for replication, what should the user permissions be for sync over ssh? I'm running virtual users only. Postfix and Dovecot services run as mail:mail. All the maildir folders are owned by mail:mail and permissions are 700. User mail is not allowed login. So whats the best practice in respect to security to allow for dsync over ssh? So of the options I consider: 1) change postfix/dovecot settings so that maildirs are created with 770 permissions, then create a user dsync:mail that is allowed for ssh login. 2) permit user mail to login using ssh 3)go with tcp sync rather than ssh Other suggestions? PG