From: Emre Yazici on
Hello,

I am trying to build a flexible mail system using different combinations
of mailing software (e.g. Postfix & maildrop & Dovecot, Exim & Dovecot,
qmail & maildrop & Courier IMAP ...), at any time system administrator
may decide to interchange between combinations without making a design
change. For that purpose I have chosen a hierarchy like this for storing
mails (I am using qmail style Maildirs by the way):

/var/mailsystem
|-- user1
|   |-- user1dom1.net
|   |   |-- mailuser1@user1dom1.net
|   |   |   `-- Maildir
|   |   `-- mailuser2@user1dom1.net
|   |       `-- Maildir
|   `-- user1dom2.net
|       `-- mail@user1dom2.net
|           `-- Maildir
`-- user2
    `-- user2dom.net
        `-- testuser@user2dom.net
            `-- Maildir


user1 and user2 are Unix system users that may have zero or more mail
accounts associated with their zero or more domains.

/var/mailsystem/[user] directory and all its subdirectories owned by
Unix system user [user] and have 0700 file permissions.

When I use Postfix as MTA and maildrop as MDA, I have encountered a mail
delivery problem related to user permissions. Here is my virtual
transport line for maildrop in Postfix's master.cf file.

maildrop unix - n n - - pipe
  flags=DRhu user=user1 argv=/usr/local/bin/maildrop -V 6 -w 90
  /var/mailsystem/user1/${nexthop}/${user}@${nexthop}/maildrop.rc

As you can see this only works for user user1 because of hardcoded user1
in service parameters. What I want is to dynamically set
corresponding user so that Postfix can invoke maildrop with that user's
permissions and mail delivery be made with the correct user rights.

A solution for this problem may be setting maildrop's user id to root
but since they may cause security compromise I don't like suid binaries.

From: Wietse Venema on
Emre Yazici:
> I want is to dynamically set
> corresponding user so that Postfix can invoke maildrop with that user's
> permissions and mail delivery be made with the correct user rights.

Use the Postfix local(8) delivery agent, and execute the maildrop
command via the mailbox_command (or mailbox_command_maps) mechanism.

Wietse

From: mouss on
Wietse Venema a écrit :
> Emre Yazici:
>> I want is to dynamically set
>> corresponding user so that Postfix can invoke maildrop with that user's
>> permissions and mail delivery be made with the correct user rights.
>
> Use the Postfix local(8) delivery agent, and execute the maildrop
> command via the mailbox_command (or mailbox_command_maps) mechanism.
>

alternatively, make sure maildrop is setuid (isn't this the default?)
and run it as a "trusted user" (the list of trusted users is configured
at maildrop build time). check maildrop docs.

That said, I prefer Wietse's suggestion...

From: /dev/rob0 on
On Fri, Feb 19, 2010 at 07:32:27PM +0100, mouss wrote:
> Wietse Venema a écrit :
> > Emre Yazici:
> >> I want is to dynamically set corresponding user so that
> >> Postfix can invoke maildrop with that user's permissions and
> >> mail delivery be made with the correct user rights.
> >
> > Use the Postfix local(8) delivery agent, and execute the maildrop
> > command via the mailbox_command (or mailbox_command_maps)
> > mechanism.
>
> alternatively, make sure maildrop is setuid (isn't this the
> default?) and run it as a "trusted user" (the list of trusted users
> is configured at maildrop build time). check maildrop docs.

Another alternative to consider, since the mailbox scheme seemed
pretty simple, is to use virtual(8) with virtual_{gid,uid}_maps
populated as needed and desired. A simple scheme might be to use a
common group for all (such as "virtual_gid_maps=static:vmail") with
separate UIDs per domain.

A more complex approach can be done, such as separate UIDs per
mailbox, and a shared GID per domain. Then you have to create your
maildirs with correct ownership when creating a new account.

> That said, I prefer Wietse's suggestion...

I do too, except I don't see the need for maildrop in this scenario.
Looks like a job for local(8) on its own.
--
Offlist mail to this address is discarded unless
"/dev/rob0" or "not-spam" is in Subject: header
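
Added example, not written by any poster in this thread: one way to populate the virtual(8) lookup tables mentioned above from the original poster's directory layout, while checking the stated ownership and 0700 invariant before a mailbox is listed. It assumes one UID per owning Unix account (rather than per domain) and Postfix's virtual_mailbox_base set to the tree root; the function names are hypothetical.

```python
import os
import stat
from pathlib import Path


def scan_mail_tree(base):
    """Return (mailbox_map, uid_map, problems) for the tree under base."""
    mailbox_map, uid_map, problems = {}, {}, []
    # Layout from the thread: <base>/<unix user>/<domain>/<address>/Maildir
    for maildir in sorted(Path(base).glob("*/*/*/Maildir")):
        addr_dir = maildir.parent
        domain_dir = addr_dir.parent
        owner_dir = domain_dir.parent
        address = addr_dir.name
        if not address.endswith("@" + domain_dir.name):
            problems.append(f"{addr_dir}: name does not end in @{domain_dir.name}")
            continue
        owner_uid = os.lstat(owner_dir).st_uid
        for d in (owner_dir, domain_dir, addr_dir, maildir):
            st = os.lstat(d)  # lstat: a symlink must not pass as a directory
            if not stat.S_ISDIR(st.st_mode):
                problems.append(f"{d}: not a real directory")
            elif st.st_uid != owner_uid:
                problems.append(f"{d}: owned by uid {st.st_uid}, expected {owner_uid}")
            elif stat.S_IMODE(st.st_mode) != 0o700:
                problems.append(f"{d}: mode {stat.S_IMODE(st.st_mode):04o}, expected 0700")
            else:
                continue  # this level is fine, check the next one
            break  # first problem found: leave this mailbox out of the maps
        else:
            # Value is relative to virtual_mailbox_base; trailing "/" means maildir
            mailbox_map[address] = f"{maildir.relative_to(base)}/"
            uid_map[address] = owner_uid
    return mailbox_map, uid_map, problems


def render_map(table):
    """Format a dict as postmap(1) source text: one 'key value' pair per line."""
    return "".join(f"{key} {value}\n" for key, value in sorted(table.items()))


if __name__ == "__main__":
    boxes, uids, problems = scan_mail_tree("/var/mailsystem")
    print(render_map(boxes), render_map(uids), *problems, sep="\n")
```

The two rendered tables are the source text for virtual_mailbox_maps and virtual_uid_maps; any mailbox reported in the problems list is deliberately left out of both.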

From: mouss on
/dev/rob0 a écrit :
> On Fri, Feb 19, 2010 at 07:32:27PM +0100, mouss wrote:
>> Wietse Venema a écrit :
>>> Emre Yazici:
>>>> I want is to dynamically set corresponding user so that
>>>> Postfix can invoke maildrop with that user's permissions and
>>>> mail delivery be made with the correct user rights.
>>> Use the Postfix local(8) delivery agent, and execute the maildrop
>>> command via the mailbox_command (or mailbox_command_maps)
>>> mechanism.
>> alternatively, make sure maildrop is setuid (isn't this the
>> default?) and run it as a "trusted user" (the list of trusted users
>> is configured at maildrop build time). check maildrop docs.
>
> Another alternative to consider, since the mailbox scheme seemed
> pretty simple, is to use virtual(8) with virtual_{gid,uid}_maps
> populated as needed and desired. A simple scheme might be to use a
> common group for all (such as "virtual_gid_maps=static:vmail") with
> separate UIDs per domain.
>
> A more complex approach can be done, such as separate UIDs per
> mailbox, and a shared GID per domain. Then you have to create your
> maildirs with correct ownership when creating a new account.
>
>> That said, I prefer Wietse's suggestion...
>
> I do too, except I don't see the need for maildrop in this scenario.
> Looks like a job for local(8) on its own.

seems OP relies on maildrop "filtering" capabilities (I see a
maildrop.rc in his post). Of course, in the dovecot case, I would use
dovecot-sieve ...