(Weird: this message digest got dumped into Google's spam folder. Maybe it didn't like the string in a later post (obfuscated here) master(dot)cf,
which in the context of this mailing list is a postfix configuration file, but which Gmail interpret as a website. However, that domain is a SURBL/DBL blacklisted URI).
Ben Morrow writes:
> > And when it's running as root there is always the danger > > of privilege escalation. LDA only runs when it's needed and since it > > uses only user rights it shoudbe more harmless. > > ... > (I'm assuming LMTP stays as root, and not spawning off user > processes to do the real work.) It doesn't stay as root; Dovecot's LMTP switches down to the user's uid to perform delivery, including sieve scripts.
I stand corrected. This removes the other objection that the original poster for running a peristent LMTP process. Joseph Tam <jtam.h...@gmail.com>
