|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: put procmail between postfix and dovecot
From: mouss (usebsd
free.fr)
Date: Sun Sep 17 2006 - 16:17:57 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
M. Fioretti wrote:
>> Where / what are the benefits?
>>
>
> well, with:
>
> * every security tutorial and its cousin recommending to close every
> conceivable hole by also creating as little accounts as possible,
> install the smallest possible number of packages etc..
>
If your mail users will have unix access, then using unix accounts may
be easier. if not, then both local and virtual can be used.
now, it's more a matter of personnal preference. Rob prefers local
domains. I prefer virtual domains.
> [snip]
> * procmail (regardless of its own quality) being so ubiquitous
>
(If not already done, take a look at maildrop. I'm not saying move to
maildrop, but see for yourself...)
You can still use procmail in a virtual domain setup: The whole
mailstore belongs to a single uid. Then have your procmail/maildrop
deliver to a maildir/mbox based on the recipient address. This is what I
use (with maildrop).
In this setup, users can't directly access the mail store. They access
it via imap/pop/webmail. To allow per-user config, you can use a web
based tool.
> [snip]
>
> but because it has a lot of little documented shortcomings and
> limitations.
>
What limitations? There are differences, and these differences can't be
ignored.
> [snip]
>
> In the meantime, I highly recommend that the documentation is updated
> to make "use virtual accounts and you can kiss your 10-year old
> procmailrc file good bye unless you suffer" very clear, because it's
> anything but obvious, unless one has studied in great detail BEFORE
> starting not only all the tutorial and howtos he could find (which I
> personally *did*) but any line of every existing man page and relevant
> RFC.
>
>
are you referring to procmail limitation?
> End of the rant now, really, thanks for your patience.
>
> I'll study pipe(8) now. If anybody has any working examples of how to
> tweak it to make procmail happy, or any alternative solution or tips,
> thanks in advance for sharing.
>
just use
virtual_transport = procmail
instead of your mailbox_mumble things.
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]