Re: [maildropl] maildrop + Ldap , maildirsize don't update - algodas - net.sourceforge.lists.courier-maildrop

11 messages in net.sourceforge.lists.courier-maildropRe: [maildropl] maildrop + Ldap , mai...

From	Sent On	Attachments
algodas	Apr 24, 2009 11:48 am
Sam Varshavchik	Apr 24, 2009 3:54 pm
algodas	Apr 25, 2009 3:06 pm
Sam Varshavchik	Apr 25, 2009 3:43 pm
algodas	Apr 26, 2009 4:04 pm
Sam Varshavchik	Apr 26, 2009 4:59 pm
algodas	Apr 27, 2009 6:57 am
Sam Varshavchik	Apr 27, 2009 3:03 pm
Tiago Gomes	May 22, 2009 6:47 am
algodas	May 22, 2009 1:29 pm
Sam Varshavchik	May 22, 2009 4:00 pm

	Permalink for this message Paste this link in email or IM:
	Permalink for this thread Paste this link in email or IM:
	Atom feed for this thread Paste this URL into your reader:

Subject:	Re: [maildropl] maildrop + Ldap , maildirsize don't update	Actions...
From:	algodas (algo...@gmail.com)
Date:	May 22, 2009 1:29:07 pm
List:	net.sourceforge.lists.courier-maildrop

The maildrop's permission

# ls -la /usr/local/bin/maildrop -rwsrwxrwx 1 maildrop www 763422 Apr 28 18:25 /usr/local/bin/maildrop

// Permission to user maildrop and group www , respectly : 1003 and 8

# ls -la /mailbox/domain.com.br/tiago.pereira/Maildir

drwxrwxr-x 13 maildrop www 4096 Apr 24 18:06 . drwxrwxrwx 4 maildrop www 4096 Apr 27 19:40 .. drwxrwxr-x 6 maildrop www 4096 Jan 29 11:00 .Drafts drwxrwxr-x 6 maildrop www 4096 Jan 29 11:00 .Junk drwxrwxr-x 6 maildrop www 4096 Jan 29 11:00 .Sent drwxrwxr-x 6 maildrop www 4096 Dec 30 15:59 .Spam drwxrwxr-x 6 maildrop www 4096 Dec 15 15:13 .Trash drwxrwxr-x 6 maildrop www 4096 Nov 19 2008 .sent-mail drwxrwxr-x 2 maildrop www 4096 Dec 30 13:41 courierimaphieracl drwxrwxr-x 2 maildrop www 4096 May 19 19:41 courierimapkeywords -rwxrwxr-x 1 maildrop www 74 Jan 29 11:00 courierimapsubscribed -rw-r--r-- 1 maildrop www 17 May 19 19:41 courierimapuiddb -rw-r--r-- 1 maildrop www 108 May 22 15:16 courierpop3dsizelist drwxrwxr-x 2 maildrop www 4096 May 22 15:16 cur -rw-r--r-- 1 maildrop www 1129 Apr 24 15:58 mmaildirsize drwxrwxr-x 2 maildrop www 4096 May 22 15:16 new drwxrwxr-x 2 maildrop www 4096 May 22 15:16 tmp

Hi Sam, can you help me to adjust the permissions about maildrop ? can i show my schema of permission and may configuration files ? it 's works very well but don 't update the maildirsize file. Thank's

2009/4/27 Sam Varshavchik <mrs...@courier-mta.com>

algodas writes:

Hi, sam . I'm configuring maildrop with thats options, the delivery it's ok, the permission for maildrop is: -rwsrwxrwx 1 maildrop www 745102 Apr 21 00:37 maildrop

the owner for Maildirs is user maildrop and the permission for maildir is 600 .

any Idea ?

For starters, group+world writable is a bad idea. Terrible idea.

Furthermore, the above does not really indicate which option you have selected. In fact, none of the three options mentioned in the INSTALL file would result in something like this.

This is not complicated. This is standard UNIX file permission configuration issue. UNIX permissions have worked the same way for forty years now. If you do not understand how process/file permissions work, then there are plenty of tutorials and FAQs on the web that explain how they work.

maildrop's INSTALL file says:

NOTE:

When using the standalone maildrop build with courier-authlib, one of the following configurations must be used:

* Your mail server must invoke maildrop as the root user (the -d flag reads the mail account's uid and gid, then drops root) . * Manually change the permissions on the maildrop binary to be setuid root. * Manually change the permissions on the courier-authlib's socket directory (/usr/local/var/spool/authdaemon by default) to be globally readable or executable.

This does not mean that you get to randomly pick one of these three options. The correct option depends on how you have your system accounts and your mail server configured. maildrop must be able to contact courier-authlib's socket, and, after obtaining the account details, be able to change its uid and gid to the account's uid and gid, then change to the account's home directory and maildir. Therefore, either you must arrange for maildrop to have root privileges, or all all your mail accounts must use the same virtual uid and gid, maildrop must get invoked by your mail server using the global uid and gid, and courier-authlib's socket directory must similarly be searchable by this uid and gid.

If you still do not understand this, you should not just randomly change the permissions on maildrop binary, to see what works, or what does not. Mail system security is very important, and you must understand exactly how process and file permissions work, on UNIX, before proceeding any further.

------------------------------------------------------------------------------ Register Now & Save for Velocity, the Web Performance & Operations Conference from O'Reilly Media. Velocity features a full day of expert-led, hands-on workshops and two days of sessions from industry leaders in dedicated Performance & Operations tracks. Use code vel09scf and Save an extra 15% before 5/3. http://p.sf.net/sfu/velocityconf

---------------------------------------------------------------- Tiago Gomes Pereira http://www.tiagogomes.eti.br LPI Certified LPI ID - LPI000129445 IT Service Management - ITIL FOUNDATION V2 ID - SR341901 algo...@gmail.com

------------------------------------------------------------------------------ Register Now for Creativity and Technology (CaT), June 3rd, NYC. CaT is a gathering of tech-side developers & brand creativity professionals. Meet the minds behind Google Creative Lab, Visual Complexity, Processing, & iPhoneDevCamp asthey present alongside digital heavyweights like Barbarian Group, R/GA, & Big Spaceship. http://www.creativitycat.com

	Start a set with this search
	Include this search in one of my sets
	Exclude this search from one of my sets
	Permalink to these results Paste this link in email or IM:
	Atom feed for tracking future search results Paste this URL into your reader: