My network admins recently installed an IMAP server. Being a pine lover, I jumped at the opportunity. I was met with the complaint "Mailbox vulnerable - directory /var/spool/mail must have 1777 protection."
Now I realize that 1777 protection is needed to write a .lock file (because imapd doesn't run as setuid root) so that my mail won't become corrupted. I telnetted to the IMAP server & executed an examine inbox command. I got the same error. This made me suspect that they were using imapd & that it wasn't properly configured. I asked the admins about this & pointed to the IMAPd documentation that told them to set 1777 or use mlock or something similar. There response was that I should use Outlook or Eudora, which "do not require the type of file permissions" I described and that they tested it extensively. Are they correct or am I having smoke blown up my rear? Because the complaint is made server side and because I'd assume that all IMAP clients read and write to the mailboxes the same way, wouldn't the selection of IMAP client not matter? If I'm wrong, what do Outlook and Eudora do differently? Not using .lock files doesn't mean that a mailbox will definitely be corrupted, but that you're playing a crapshoot, right? Their anecdotal evidence of testing doesn't matter. I do hope I'm wrong & that someone can enlighten me as to how truly sage my admins are. If I'm right, any suggestions on how to deal with stubborn admins ;-) Thanks, Richard Karnesky -- ----------------------------------------------------------------- For information about this mailing list, and its archives, see: http://www.washington.edu/imap/imap-list.html -----------------------------------------------------------------
