9 messages in net.sourceforge.lists.courier-maildrop: Re: [maildropl] per-user uid & ldap
Subject: Re: [maildropl] per-user uid & ldap
From: Adam Divak (epe@near.hu)
Date: Apr 10, 2007 7:21:32 am
List: net.sourceforge.lists.courier-maildrop

Petri Riihikallio wrote:

The maildrop line in postfix originally looked like this:

maildrop unix - n n - - pipe flags=DRhu user=mail argv=/usr/bin/maildrop -d ${recipient}

and the authldaprc:

...
LDAP_MAIL mail
LDAP_HOMEDIR mailMessageStore
LDAP_MAILDIR mailMessageStore
LDAP_GLOBAL_UID mail
LDAP_GLOBAL_GID mail
LDAP_DEREF never
...

Now I changed the authldaprc file by setting the LDAP_UID to uidNumber and the LDAP_GID accordingly, and removed the '-d' switch from the postfix master.cf file.

Do not remove the '-d' switch, it is necessary. Is /usr/bin/maildrop owned by root and has its suid bit set? Does the user 'mail' belong to the trusted users of maildrop (set at compile time)? See 'man pipe' section Flags -> user= and 'man maildrop' section Options -> -d

Another approach would be to use maildrop as mailbox_command in Postfix. See http://www.postfix.org/MAILDROP_README.html section Indirect delivery via the local delivery agent

Yes, maildrop is owned by root, setuid (/setgid), and mail is a trusted user (as in the old setup maildrop ran as "mail"). I re-inserted the -d switch. If the maildroprc file isn't specified by hand then it isn't executed; otherwise the result is the same as before. I've read both of the man pages but didn't get closer to the solution. Using maildrop as mailbox command could be a solution, but if it is possible I'd stick with the current setup because it doesn't explicitly require every user to have a unix system account (or a compatible LDAP account), which might turn out to be a big advantage. Do you have any more ideas?

Thanks, Adam
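The checks Petri walks through (pipe(8) transport with user=, maildrop invoked with -d, the binary root-owned and setuid, per-user LDAP_UID/LDAP_GID instead of LDAP_GLOBAL_*) can be scripted so the setup is verified before mail is routed through it. The following is an added example, not code from the thread or from the Courier/Postfix projects; the master.cf and authldaprc fragments are constructed to mirror the shape of the thread's snippets, the attribute names uidNumber/gidNumber and the path /usr/bin/maildrop are assumptions, and the compile-time trusted-user list cannot be inspected from a script.

```python
import os
import stat

# Constructed master.cf fragment mirroring the thread's maildrop service,
# written with a continuation line to show master.cf syntax is handled.
SAMPLE_MASTER_CF = """
maildrop  unix  -       n       n       -       -       pipe
  flags=DRhu user=mail argv=/usr/bin/maildrop -d ${recipient}
"""

# Constructed authldaprc fragment with per-user uid/gid attributes (assumed names).
SAMPLE_AUTHLDAPRC = """
LDAP_MAIL        mail
LDAP_HOMEDIR     mailMessageStore
LDAP_MAILDIR     mailMessageStore
LDAP_UID         uidNumber
LDAP_GID         gidNumber
LDAP_DEREF       never
"""


def parse_master_cf(text):
    """Map service name -> tokens; a line starting with whitespace continues the entry."""
    services, current = {}, None
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue
        if raw[0].isspace() and current is not None:
            services[current].extend(raw.split())
            continue
        tokens = raw.split()
        current = tokens[0]
        services[current] = tokens
    return services


def maildrop_transport_issues(services, name="maildrop"):
    """pipe(8) needs an unprivileged user=, and maildrop needs -d <recipient>."""
    tokens = services.get(name)
    if tokens is None:
        return [f"no '{name}' service in master.cf"]
    issues = []
    if len(tokens) < 8 or tokens[7] != "pipe":
        issues.append(f"'{name}' is not a pipe(8) transport")
    args = tokens[8:]
    argv_pos = next((i for i, a in enumerate(args) if a.startswith("argv=")), None)
    if argv_pos is None:
        return issues + ["pipe transport has no argv= command"]
    opts = args[:argv_pos]
    argv = [args[argv_pos][len("argv="):]] + args[argv_pos + 1:]
    user = next((o.split("=", 1)[1] for o in opts if o.startswith("user=")), None)
    if user is None:
        issues.append("pipe transport has no user= attribute")
    elif user == "root":
        issues.append("pipe(8) will not run commands as root; use an unprivileged user=")
    if "-d" not in argv:
        issues.append("maildrop is not invoked with -d (delivery mode with authlib lookup)")
    elif argv.index("-d") + 1 >= len(argv):
        issues.append("-d is given without a recipient argument such as ${recipient}")
    return issues


def parse_authldaprc(text):
    """authldaprc is 'KEY value' per line; return the settings as a dict."""
    cfg = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        cfg[parts[0]] = parts[1].strip() if len(parts) > 1 else ""
    return cfg


def authldaprc_issues(cfg):
    """Per-user delivery needs LDAP_UID/LDAP_GID; LDAP_GLOBAL_* alone uses one uid for all."""
    issues = []
    if not ("LDAP_UID" in cfg and "LDAP_GID" in cfg):
        if "LDAP_GLOBAL_UID" in cfg or "LDAP_GLOBAL_GID" in cfg:
            issues.append("only LDAP_GLOBAL_UID/GID set: all mailboxes delivered under one uid")
        else:
            issues.append("no LDAP_UID/LDAP_GID and no LDAP_GLOBAL_UID/GID configured")
    for key in ("LDAP_HOMEDIR", "LDAP_MAILDIR"):
        if key not in cfg:
            issues.append(f"{key} not set")
    return issues


def binary_issues(owner_uid, mode):
    """Petri's checklist for the binary: owned by root with the setuid bit set."""
    issues = []
    if owner_uid != 0:
        issues.append("maildrop binary is not owned by root")
    if not mode & stat.S_ISUID:
        issues.append("maildrop binary is not setuid")
    return issues


def check_maildrop_binary(path="/usr/bin/maildrop"):
    """Apply binary_issues to a real file (path assumed from the thread)."""
    try:
        st = os.stat(path)
    except FileNotFoundError:
        return [f"{path} not found"]
    return binary_issues(st.st_uid, st.st_mode)


if __name__ == "__main__":
    for label, found in (
        ("master.cf", maildrop_transport_issues(parse_master_cf(SAMPLE_MASTER_CF))),
        ("authldaprc", authldaprc_issues(parse_authldaprc(SAMPLE_AUTHLDAPRC))),
        ("binary", check_maildrop_binary()),
    ):
        print(f"{label}: {found or 'ok'}")
```

Run it against the real /etc/postfix/master.cf and authldaprc by reading those files into the parse functions; the one point it cannot settle is whether 'mail' is in maildrop's compile-time trusted-user list, which still has to be confirmed from the build options.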