Re: Implications of LMTP socket being world readable and writable (0666) by default
On 31/03/2024 14:47 EEST da-dovecotlist-15--- via dovecot wrote: Ah yes. Thank you both. I did not think of just overwriting the `lmtp` socket but was looking for a way to define a new socket with a different name and disable the default one. The main question remains open, though: Is the default setting insecure or am I missing something? You can disable it with mode=0. It depends a bit on what the default protocols list is. If it does not include lmtp, lmtp is not enabled. Some distros also require installing dovecot-lmtpd before it is even usable. So. It depends. :) Aki ___ dovecot mailing list -- dovecot@dovecot.org To unsubscribe send an email to dovecot-le...@dovecot.org
Re: Implications of LMTP socket being world readable and writable (0666) by default
Ah yes. Thank you both. I did not think of just overwriting the `lmtp` socket but was looking for a way to define a new socket with a different name and disable the default one. The main question remains open, though: Is the default setting insecure or am I missing something? ___ dovecot mailing list -- dovecot@dovecot.org To unsubscribe send an email to dovecot-le...@dovecot.org
Re: Implications of LMTP socket being world readable and writable (0666) by default
On 31/03/2024 13:55 EEST da-dovecotlist-15--- via dovecot
wrote:
I was surprised to find that the LMTP socket has permission mode 0666
by
default and since configs are merged with defaults, there is no way
to
disable this AFAICS.
# doveconf -d
...
service lmtp {
unix_listener lmtp {
group =
mode = 0666
user =
}
...
}
Is this also how it is supposed to be used in production? I
understand
that LMTP is just for delivering new mails but is there really no
need
to restrict this further? To me it seems reasonable, to force all
services on this machine to go through Postfix and not be able to
just
put e-mails in the users mailboxes via LMTP. Am I missing something?
My use case is a "small" NixOS mail server with Postfix, Nextcloud
a.o.
installed on the same machine. No chroot jails because of NixOS.
Of course there is a way to change that.
service lmtp {
unix_listener lmtp {
mode=0600
}
}
Aki
___
dovecot mailing list -- dovecot@dovecot.org
To unsubscribe send an email to dovecot-le...@dovecot.org
Re: Implications of LMTP socket being world readable and writable (0666) by default
On Sun, 31 Mar 2024 12:55:09 +0200
da-dovecotlist-15--- via dovecot wrote:
> I was surprised to find that the LMTP socket has permission mode 0666
> by default and since configs are merged with defaults, there is no
> way to disable this AFAICS.
>
> # doveconf -d
> ...
> service lmtp {
>unix_listener lmtp {
> group =
> mode = 0666
> user =
>}
> ...
> }
>
> Is this also how it is supposed to be used in production? I
> understand that LMTP is just for delivering new mails but is there
> really no need to restrict this further? To me it seems reasonable,
> to force all services on this machine to go through Postfix and not
> be able to just put e-mails in the users mailboxes via LMTP. Am I
> missing something?
You are supposed to change that to a setting suitable for your setup.
# Change lmtp socket to safe mode for postfix
service lmtp {
unix_listener lmtp {
mode = 0220
user = postfix
group = postfix
}
}
For example like this.
--
Tuomo Soini
Foobar Linux services
+358 40 5240030
Foobar Oy
