Joel Conover wrote:
postfix/pipe[16155]: A5CB5163EC6: to=<[EMAIL PROTECTED]>,
relay=maildrop, delay=0, status=bounced (user unknown. Command output:
ERR: authdaemon: s_connect() failed: Permission denied Invalid user
specified. )
See the NOTE in the first section of the INSTALL document:
NOTE:
When using the standalone maildrop build with courier-authlib, one
of the following configurations must be used:
* Your mail server must invoke maildrop as the root user (the
-d flag reads the mail account's uid and gid, then drops root) .
* Manually change the permissions on the maildrop binary to be
setuid root.
* Manually change the permissions on the courier-authlib's
socket directory (/usr/local/var/spool/authdaemon by default) to be
globally readable or executable.
The default permissions on courier-authlib's socket directory
blocks world-access to the filesystem socket connected to
courier-authlib's authentication daemon process. In order for maildrop
to connect to the authentication library, maildrop must either have root
privileges (which will be temporary, as soon as maildrop determines the
account's userid and groupid, it will drop root, before reading the
maildroprc file), or courier-authlib's socket directory must have world
read and execute permission.
Note that if the permissions on the socket directory are changed,
anyone on the system can connect and obtain any account's password!
It is the system administrator's responsibility to choose the
appropriate security policy when using the Courier Authentication Library.
-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click
_______________________________________________
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users