On Thu, Jul 06, 2023 at 05:43:22AM -0700, Dan Mahoney via Postfix-users wrote:
> We have our aliases file pushing things into our RT install, but also
> saving things to a maildir, so we can manually feed a single file back
> in, thusly:
>
> In /etc/aliases:
>
> noc: "|/usr/local/sbin/rtmailgate ops noc cor",
> "/root/ops/Maildir/"
> noc-comment: "|/usr/local/sbin/rtmailgate ops noc com",
> "/root/ops/Maildir/"
Storing email in the home directory of the "root" user is a poor choice.
Store the email in a suitable directory under /var/spool/, and for a
user other than root.
noc: "|/usr/local/sbin/rtmailgate ops noc cor", noc-archive
Create a noc-archive user, and arrange for that user's email to be
delivered to a maildir.
> On a recent upgrade, we started getting permission denied for the
> Maildir. (But note that the system upgrade may have also reset root’s
> homedir permissions)
Good, the home directory should belong to root only and not allow access
by others.
> We noticed that root’s homedir was o-rwx, but we’re pretty sure it was
> that way before as well. (The maildir itself is owned by “nobody”)
Not a good idea.
> Is there supposed to be a setuid portion of postfix that allows it to
> deliver to user maildirs/mailboxes? Is there a way to tell it to do
> this when delivering to a given maildir?
No. Leave "root" out of the delivery path for mail.
--
Viktor.
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
