I forgot the answer for this: in http://wiki.dovecot.org/AuthDatabase/PasswdFile, we have the passwd file defined as user:password:uid:gid:(gecos):home:(shell):extra_fields What should the uid and gid be associated with? In my setup I told postfix to use Dovecot LDA's deliver, which then is saving files as uid:gid of 1500:1500. How would that affect the uid:gid used in the passwd file? From what I read in the dovecot's wiki, you want them *not* to be anything that has the rights to access the emails. So, does that mean any value for them will do?
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Am 25.12.2010 um 01:55 schrieb Mauricio Tavares:> What should the uid and gid be associated with? In my setup I told postfix to use Dovecot LDA's deliver, which then is saving files as uid:gid of 1500:1500. How would that affect the uid:gid used in the passwd file? From what I read in the dovecot's wiki, you want them *not* to be anything that has the rights to access the emails. So, does that mean any value for them will do?As you are using 'passwd' files instead of real system users you should probably set them to the same non-existing UIDs and GIDs used in the LDA setup. The "access problem" is set around scenarios where one would gain the elevated rights of a Dovecot component and thus could (possibly) access other users mail utilizing the same UIDs/GIDs. Not to mention compromised system accounts using the same. http://wiki.dovecot.org/UserIds Thomas -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.16 (Darwin) iEYEARECAAYFAk0VunQACgkQ+meF/S97aXgRnQCgq9RrsXTdbylnyfZx6tbgESTg 0AAAn2E+pbIJe613SF98wwEwS6XpS53l =tOim -----END PGP SIGNATURE-----