> On 01-25-2022 11:35 am, Marc wrote: > 2. if you do not use separate users, everything is written under the same uid.
IMO: So what? What is the difference between a linux user vs a virtual user permission wise? They are both equally unprivileged users. If dovecot can get to them, virtual or linux user, then a hacked dovecot can still get to them. You aren't saving anything. Dovecot can also be configured to use virtual users from a database, and each virtual user be assigned a different UID for reading/writing maildir files. > 3. most amateurs use a crappy mysql as backend for virtual users. > The likelihood of that being compromised compared to the linux os is much and > much higher. Even if SQL is compromised you aren't storing emails in SQL, just email addresses and passwords. That is why password hashing exist. If SQL is configured to only localhost connections then it is not getting compromised, unless your entire server is compromised, in which case SQL access is moot because they can just get the maildir files. I also doubt that gmail, outlook and yahoo have separate linux users for their millions of email accounts. I have not heard of a massive email breach where hackers gained access to all gmail messages. Saying all that, it is your server, do with it how you please. People here on the list are just telling you what is acceptable safe practice industry wide. Another drawback to using linux users is you will never be able to cluster/scale up. But if your preference is to use linux users go for it.
