Submitted by helpmin on Sun, 02/12/2012 - 21:10
In the advanced option tab it is possible to choose "move mail to file" (let's say instead of "bounce"). But what file permissions and/or ownership would be necessary to make this work (from a virtual server owner point of view)?
Submitted by JamieCameron on Mon, 02/13/2012 - 00:34 Comment #1
The file would need to be writable by the user the mail server runs as, which in practice means the server owner needs to make it world-writable..
Submitted by helpmin on Mon, 02/13/2012 - 13:55 Comment #2
I thought so, so basically the server owner can not use the feature right? Maybe it would make sense to remove it from the list?
Submitted by JamieCameron on Mon, 02/13/2012 - 14:06 Comment #3
Sure, they can use it .. just make sure the file is writable, with a command like
chmod 666 /path/to/file
Submitted by helpmin on Mon, 02/13/2012 - 14:10 Comment #4
But couldn't then every other user write the file as well?
Submitted by JamieCameron on Mon, 02/13/2012 - 14:31 Comment #5
Yes .. unfortunately that is un-avoidable.
Submitted by helpmin on Mon, 02/13/2012 - 16:51 Comment #6
Ok. let's say the user creates a world writeable file. Then the user would also have to change the permissions of the home directory, right?
And doesn't postfix create a file.lock as well in the same folder? How should a user handle this file?
What I am trying to say is that this feature can basically not be used (without security implications), so why have this feature at all (for virtual server owners)?
Submitted by JamieCameron on Mon, 02/13/2012 - 19:39 Comment #7
Good point ... this feature is pretty useless. I will have it disabled by default in future Virtualmin releases.
You can actually turn it off now by going to System Settings -> Virtualmin Configuration -> Server administrator permissions , and in the "Allowed alias types" field de-selecting "File".
Submitted by helpmin on Mon, 02/13/2012 - 23:33 Comment #8