On Fri, Feb 19, 2010 at 07:32:27PM +0100, mouss wrote:
> Wietse Venema a écrit :
> > Emre Yazici:
> >> I want to is to dynamically set corresponding user so that
> >> Postfix can invoke maildrop with that user's permissions and
> >> mail delivery be made with the correct user rights.
> >
> > Use the Postfix local(8) delivery agent, and execute the maildrop
> > command via the mailbox_command (or mailbox_command_maps)
> > mechanism.
>
> alternatively, make sure maildrop is setuid (isn't this the
> default?) and run it as a "trusted user" (the list of trusted users
> is configured at maildrop build time). check maildrop docs.
Another alternative to consider, since the mailbox scheme seemed
pretty simple, is to use virtual(8) with virtual_{gid,uid}_maps
populated as needed and desired. A simple scheme might be to use a
common group for all (such as "virtual_gid_maps=static:vmail") with
separate UIDs per domain.
A more complex approach can be done, such as separate UIDs per
mailbox, and a shared GID per domain. Then you have to create your
maildirs with correct ownership when creating a new account.
> That said, I prefer Wietse suggestion...
I do too, except I don't see the need for maildrop in this scenario.
Looks like a job for local(8) on its own.
--
Offlist mail to this address is discarded unless
"/dev/rob0" or "not-spam" is in Subject: header
