For qmail's pop3, I am currently using:
tcpserver -R -v -x /some/path/tcp.pop3.cdb -u 0 -g 123 0 pop3 \
/var/qmail/bin/qmail-popup my.machine.com /var/qmail/bin/checkpassword \
/var/qmail/bin/qmail-pop3d Maildir 2>&1 | /var/qmail/bin/splogger pop3 3 &
in /etc/rc.d where the GID for users is 123, and am uncomfortable with
letting pop3 run under root UID. What are the other options for the -u
and -g in the above tcpserver command, where the pop3 mail is stored
in ~/Maildir in each user's shell account? (For flexibility reasons, I
don't want to put it in /var/qmail/aliases/auser.)
Thanks,
John
BTW, the way I configured qmail, any shell user's ~/.qmail can contain
"|preline /usr/local/bin/procmail", "./Maildir/",
"/the/mbox/mail/spool/directory/auser", etc., which gives a lot of
extensibility and flexibility. I would just like to limit the damage
that could be done if a bandit actually does get through tcpserver and
qmail-pop3d, ie., -u and -g to the tcpserver not being system
accounts. (I had to use the -R because some antique Eudora programs
can't/don't info/authenticate.) The FAQ does not use the -u or -g.
--
John Conover, 631 Lamont Ct., Campbell, CA., 95008, USA.
VOX 408.370.2688, FAX 408.379.9602
[EMAIL PROTECTED], http://www2.inow.com/~conover/john.html
