'/usr/lib/sendmail', which doesn't necessarily work the same as
'/usr/sbin/sendmail'.

* 'auth_socket_path' specifies the UNIX socket to dovecot-auth where deliver
can look up userdb information when the '-d' parameter is used. See below how
to configure Dovecot to create the socket.

Note that the 'dovecot.conf' file must be world readable so that the deliver
process can read it while running with user privileges.

Parameters accepted by deliver:

* '-d <username>': Destination username. If given, the user information is
looked up from dovecot-auth. Typically used with virtual users, but not
necessarily with system users.

* '-a <address>': Destination address (e.g. user+ext@domain). Default is the
same as username. (v1.1+ only)

* '-f <address>': Envelope sender address. Currently this is used only for

# Note that we're setting a master socket. SMTP AUTH for Postfix and Exim
# uses client sockets.
# Typically under base_dir/, if not the directory must be created.
path = /var/run/dovecot/auth-master

# Auth master socket can be used to look up userdb information for
# given usernames. This probably isn't very sensitive information
# for most systems, but still try to restrict the socket access if

If you're using more than one UID for users, you're going to have problems
running deliver, as most MTAs won't let you run deliver as root. There are two
ways to work around this problem:

1. Make deliver setuid-root.
2. Use sudo to wrap the invocation of deliver.

Making deliver setuid-root:
---------------------------

Beware: *it's insecure to make deliver setuid-root*, especially if you have
untrusted users in your system. *Setuid-root deliver can be used to gain root
privileges*. You should take extra steps to make sure that untrusted users
can't run it and potentially gain root privileges. You can do this by making
sure only your MTA has execution access to it. For example:

---%<-------------------------------------------------------------------------
# chgrp secmail /usr/local/libexec/dovecot/deliver
-rwsr-x--- 1 root secmail 4023932 2009-01-15 16:23 deliver
---%<-------------------------------------------------------------------------

Then start deliver as a user that belongs to the secmail group. Note that you
have to recreate these rights after each update of dovecot.
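As an added check (not part of the Dovecot documentation), a small POSIX sh function that verifies the permission scheme described above: deliver is either not setuid at all, or setuid with no access for others and execute access for the owning group, as in the '-rwsr-x--- root secmail' listing. The function name and the default path are assumptions.

```shell
#!/bin/sh
# Added example, not from the Dovecot docs: verify that a deliver binary is
# either not setuid, or setuid with execution restricted to its group
# (the "-rwsr-x--- root secmail" layout shown above).
# Returns 0 when the mode is acceptable, 1 when it is not, 2 when the
# path does not exist. The default path is an assumption.
deliver_mode_ok() {
    path=${1:-/usr/local/libexec/dovecot/deliver}
    [ -e "$path" ] || { echo "missing: $path" >&2; return 2; }
    # The first ten characters of 'ls -ld' are the type and the rwx
    # triplets, e.g. "-rwsr-x---"; 's' or 'S' in position 4 means setuid.
    mode=$(ls -ld "$path" | cut -c1-10)
    owner_exec=$(printf '%s' "$mode" | cut -c4)
    group_exec=$(printf '%s' "$mode" | cut -c7)
    other_bits=$(printf '%s' "$mode" | cut -c8-10)
    case $owner_exec in
        s|S) ;;   # setuid: apply the restrictions below
        *) echo "ok: $path is not setuid ($mode)"; return 0 ;;
    esac
    # A setuid deliver must not be reachable by anyone outside the MTA's
    # group, and that group must still be able to execute it.
    if [ "$other_bits" != "---" ]; then
        echo "BAD: $path is setuid but accessible to others ($mode)" >&2
        return 1
    fi
    case $group_exec in
        x|s) echo "ok: $path is setuid, group-only ($mode)"; return 0 ;;
        *) echo "BAD: $path is setuid but the group cannot execute it ($mode)" >&2
           return 1 ;;
    esac
}
```

Run it after every Dovecot update, since the rights have to be recreated each time the binary is replaced.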

Alternatively, you can use sudo to wrap the invocation of deliver. This has the
advantage that updates will not clobber the setuid bit, but note that *being
able to run deliver via sudo is just as insecure as running it setuid-root*.
Make sure you only give your MTA the ability to invoke deliver via sudo.

First configure sudo to allow the 'dovelda' user to invoke deliver by adding
the following to your '/etc/sudoers':

---%<-------------------------------------------------------------------------
Defaults:dovelda !syslog
dovelda ALL=NOPASSWD:/usr/local/libexec/dovecot/deliver
---%<-------------------------------------------------------------------------

Then configure your MTA to invoke deliver as user 'dovelda' and via sudo:

---%<-------------------------------------------------------------------------
/usr/bin/sudo /usr/local/libexec/dovecot/deliver
---%<-------------------------------------------------------------------------

instead of just plain '/usr/local/libexec/dovecot/deliver'.

Problems with deliver
---------------------

# remember to give proper permissions for these files as well
log_path = /var/log/dovecot-deliver-errors.log
info_log_path = /var/log/dovecot-deliver.log
---%<-------------------------------------------------------------------------

* Virtual quota can be enforced using <Quota plugin> [Quota.txt].
* Sieve language support can be added with <Sieve plugin> [LDA.Sieve.txt].

(This file was created from the wiki on 2009-10-16 04:42)