/dev/rob0 yazm?s,:
On Fri, Feb 19, 2010 at 07:32:27PM +0100, mouss wrote:
Wietse Venema a écrit :
Emre Yazici:
I want to is to dynamically set corresponding user so that
Postfix can invoke maildrop with that user's permissions and
mail delivery be made with the correct user rights.
Use the Postfix local(8) delivery agent, and execute the maildrop
command via the mailbox_command (or mailbox_command_maps)
mechanism.
alternatively, make sure maildrop is setuid (isn't this the
default?) and run it as a "trusted user" (the list of trusted users
is configured at maildrop build time). check maildrop docs.
Another alternative to consider, since the mailbox scheme seemed
pretty simple, is to use virtual(8) with virtual_{gid,uid}_maps
populated as needed and desired. A simple scheme might be to use a
common group for all (such as "virtual_gid_maps=static:vmail") with
separate UIDs per domain.
A more complex approach can be done, such as separate UIDs per
mailbox, and a shared GID per domain. Then you have to create your
maildirs with correct ownership when creating a new account.
That said, I prefer Wietse suggestion...
I do too, except I don't see the need for maildrop in this scenario.
Looks like a job for local(8) on its own.
Using separate UID and a common GID leads to problem with maldrop
because I use custom mailfilter file for each virtual user. From the
maildrop manual page:
> maildrop is very paranoid: both $HOME/.mailfilters, and
$HOME/.mailfilters/filterfile must be owned by the user, and may not
have any group or world permissions.
