Felix Ingram:
> Hello all,
>
> Is it possible to set group read permissions on delivered mail? I'm using
> virtual to deliver mail to a local maildir and have set a static uid and
> gid. I would then like a separate process to read the mail but this runs as
> a different uid/user. I have added the user to a the same group that I've
> set as the GID but new mails are being saved without any group permissions.
> I've looked for a umask or similar setting but can't find anything.
Postfix creates mailbox and maildir files with mode 0600. This
approach has not been exploitable for 25 years, and I'm not inclined
to change that.
Making the permissions confgurable requires extrememly careful
analysis.
- Calling chmod() is absolutely unsafe.
- Calling fchmod() may be unsafe when a file already exists.
- Temporarily changing the process umask from 077 to 007 is tricky
because the mask must be restored under all conditions.
Having a program running as root scanning mailboxes is not secure,
either.
Have you considered the possibility of using recipient_bcc_maps and
the pipe(8) delivery agent to feed messages into your program?
/etc/postfix/main.cf:
recipient_bcc_maps = pcre:/etc/postfix/recipient_bcc
transport_maps = inline:{{watcher.example.com = watcher:}}
watcher_destination_recipient_limit = 1
/etc/postfix/recipient_bcc
/^(.+)@(example\.com)$/ $1=$2...@watcher.example.com
/etc/postfix/master.cf
watcher unix - n n - - pipe
flags=DRXhu user=watcher argv=/path/to/watcher ${mailbox}
Then the watcher is called with the message on stdin,
and one recipient user=exaple.com on the command line.
Wietse
