I've just tried out Dovecot LDA. The reason I didn't want to use it
before was
that I found it unnecessary together with Exim, plus I wanted to use Exim's
filtering. But now I wanted to see if can notice any improvement when the
indexes are updated on delivery, and I saw that it's possible to use Exim
filters and pass the resulting folder with -m.
Now, correct me if I'm wrong, but IIUC some corrections, improvements, and
comments could be made on http://wiki.dovecot.org/LDA.
In the "Site-wide setup" section (and in dovecot.conf) it's
suggested that
access be restricted to the master socket somehow. The first Exim example
("System-users"), however, requires a world-writable socket. Uncomment
"group
= mail" and deliver will complain that setgid() fails. In this situation,
the "-d $local_part@$domain" is unnecessary because then deliver will
use the
name of the user it's running as (it should probably have been just "-d
$local_part" anyway). However, if deliver is run by root (which is by
default
impossible under Exim) or setuid root, then a destination user is mandatory.
Oh wait, without -d the auth socket isn't used at all, only the HOME
environment variable and default_mail_env are. Well, it shouldn't matter
much
if you're running a standard pam/passwd setup, but with a more complicated
non-virtual setup I see only four solutions: Make deliver setuid root, remove
root from the compiled-in FIXED_NEVER_USERS list, run deliver as a user/group
that has write access to all mailboxes, or make the master socket
world-writable.
--
Magnus Holmgren holmgren at lysator.liu.se
(No Cc of list mail needed, thanks)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL:
<http://dovecot.org/pipermail/dovecot/attachments/20061130/ccb91cd0/attachment.bin>
Almost 4 months later, but I finally got around to doing something about this. :) On Thu, 2006-11-30 at 16:25 +0100, Magnus Holmgren wrote:> Now, correct me if I'm wrong, but IIUC some corrections, improvements, and > comments could be made on http://wiki.dovecot.org/LDA.I split the page up and cleaned it up a bit.> In the "Site-wide setup" section (and in dovecot.conf) it's suggested that > access be restricted to the master socket somehow.I just figured out that it's not actually all that important. If allows only looking up userdb information for a given username. Updated the wiki and dovecot-example.conf> Oh wait, without -d the auth socket isn't used at all, only the HOME > environment variable and default_mail_env are. Well, it shouldn't matter much > if you're running a standard pam/passwd setup, but with a more complicated > non-virtual setup I see only four solutions: Make deliver setuid root, remove > root from the compiled-in FIXED_NEVER_USERS list, run deliver as a user/group > that has write access to all mailboxes, or make the master socket > world-writable.Added a note about running deliver as setuid-root. I also changed the per-user/site-wide to system/virtual user sections instead. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part URL: <http://dovecot.org/pipermail/dovecot/attachments/20070322/d0672cc4/attachment.bin>
Possibly Parallel Threads
- dovecot LDA w/ exim: "dyld: Library not loaded" & "trace trap" errors
- default backend = rid not showing full group information for users
- default backend = rid not showing full group information for users
- Wiki needs updating: Dovecot LDA + Dovecot Sieve + Exim
- default backend = rid not showing full group information for users