Re: [gentoo-user] mail in $HOME/.maildir, why ??? (cont.)
Q: How can I prohibit users from changing mail-path in their $HOME/.procmailrc back to $HOME/.maildir? Dont know if you can stop that. Strange. It seems to me to be a sort of security problem, if someone can so easily circumvent userquota settings... After logging there I get either message No mail, or You have new mail. But I do not get any similar message on my Gentoo box. Why? Can I somehow activate it? Not with maildirs you dont. It seems to me maildir does not have only advantages :-( Jarry -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] mail in $HOME/.maildir, why ??? (cont.)
On Tue, 30 Aug 2005, Jarry wrote: Strange. It seems to me to be a sort of security problem, if someone can so easily circumvent userquota settings... Not if you have quotas on /home -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] mail in $HOME/.maildir, why ??? (cont.)
A. Khattri wrote: Strange. It seems to me to be a sort of security problem, if someone can so easily circumvent userquota settings... Not if you have quotas on /home Yes I do have quotas both on /home and /var. But if user can redirect its mails from /var (where userquota is 100MB, mail is supposed to be there) to /home (where userquota is 5GB and where user files are supposed to be, but not mails), then it really is a security problem for me... Jarry -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] mail in $HOME/.maildir, why ??? (cont.)
On Mon August 29 2005 04:19 pm, A. Khattri wrote: And last question: I have access to one Debian box (which uses mbox format). After logging there I get either message No mail, or You have new mail. But I do not get any similar message on my Gentoo box. Why? Can I somehow activate it? Not with maildirs you dont. I'm not so sure this is true. I've been using Maildirs for 8 years and I get these messages on my Fedora Core machines, but I haven't bothered seeing why I don't on Gentoo. -- Ron -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] mail in $HOME/.maildir, why ??? (cont.)
On Mon, Aug 29, 2005 at 08:42:38PM +0200, Jarry wrote If you have a problem with users having access to certain email, then don't let them access that email at all. That is the only way. Neil Bothwick wrote: Q: How can I prohibit users from changing mail-path in their $HOME/.procmailrc back to $HOME/.maildir? That way they could circumvent my /var userqouta settings (100MB) and use /home settings (5GB)... I believe that procmail is paranoid about any .procmailrc not having correct ownership and permissions. So if you chown it to root, procmail may ignore it when processing email for the user. You might want to look at setting up .procmailrc properly in the user's name, and then chattr +i on it. That should lock it down. Having said that... what's to prevent a user from saving copies of his email to a directory in his own account? I repeat what I said at the start of this message... if you have a problem with users having access to certain email, then don't let them access that email at all. That is the only way. -- Walter Dnes [EMAIL PROTECTED] My musings on technology and security at http://tech_sec.blog.ca -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] mail in $HOME/.maildir, why ??? (cont.)
Neil Bothwick wrote: MAILDIR=/var/spool/mail DEFAULT=$MAILDIR/$LOGNAME/ at the top of /etc/procmailrc OK, I tried. My /etc/procmailrc is: DEFAULT=/var/spool/mail/$LOGNAME/ # that is the same Mail is still in maildir format but at least in /var/spool/mail. Q: How can I prohibit users from changing mail-path in their $HOME/.procmailrc back to $HOME/.maildir? That way they could circumvent my /var userqouta settings (100MB) and use /home settings (5GB)... One more problem: I can not force elm to read it. If I start elm with option -f /var/spool/mail/$LOGNAME, it complains that it is directory. When I try elm -f /var/spool/mail/$LOGNAME/new, the same. It seems to me, that elm simply can not read maildir format at all. I tried another command-line mailer, mail: the same problem... Which command-line mail-reader supports maildir format? And last question: I have access to one Debian box (which uses mbox format). After logging there I get either message No mail, or You have new mail. But I do not get any similar message on my Gentoo box. Why? Can I somehow activate it? Jarry -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] mail in $HOME/.maildir, why ??? (cont.)
On Mon, 29 Aug 2005, Jarry wrote: Q: How can I prohibit users from changing mail-path in their $HOME/.procmailrc back to $HOME/.maildir? That way they could circumvent my /var userqouta settings (100MB) and use /home settings (5GB)... Dont know if you can stop that. One more problem: I can not force elm to read it. If I start elm with option -f /var/spool/mail/$LOGNAME, it complains that it is directory. When I try elm -f /var/spool/mail/$LOGNAME/new, the same. It seems to me, that elm simply can not read maildir format at all. I tried another command-line mailer, mail: the same problem... Which command-line mail-reader supports maildir format? Hey, welcome to the 21st century (noone use elm and mail anymore ;-) You probably need to setup an IMAP server and then configure Pine and/or mutt to use IMAP (mutt actually supports maildir but some people might want to use Pine instead). I would remove elm entirely. And last question: I have access to one Debian box (which uses mbox format). After logging there I get either message No mail, or You have new mail. But I do not get any similar message on my Gentoo box. Why? Can I somehow activate it? Not with maildirs you dont. -- -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] mail in $HOME/.maildir, why ??? (cont.)
On Mon, 29 Aug 2005 20:42:38 +0200, Jarry wrote: MAILDIR=/var/spool/mail DEFAULT=$MAILDIR/$LOGNAME/ at the top of /etc/procmailrc OK, I tried. My /etc/procmailrc is: DEFAULT=/var/spool/mail/$LOGNAME/ # that is the same Mail is still in maildir format but at least in /var/spool/mail. Rhat's correct, as others have said, maildir has many benefits. If you want delivery to a single file, remove the trailing slash. Q: How can I prohibit users from changing mail-path in their $HOME/.procmailrc back to $HOME/.maildir? That way they could circumvent my /var userqouta settings (100MB) and use /home settings (5GB)... Set the ownership of all .maildir directories to root:root and chmod 700? It wouldn't stop them changing it, but they'd soon change it back :) -- Neil Bothwick Joystick: (n.) a device essential for performing business tasks and training exercises esp. favored by pilots, tank commanders, riverboat gamblers, and medieval warlords. pgp2bI3dgLVdp.pgp Description: PGP signature
Re: [gentoo-user] mail in $HOME/.maildir, why ??? (cont.)
Le 29 août à 20:42:38 Jarry [EMAIL PROTECTED] écrit notamment: | OK, I tried. My /etc/procmailrc is: | DEFAULT=/var/spool/mail/$LOGNAME/ # that is the same | Mail is still in maildir format but at least in /var/spool/mail. DEFAULT=/var/spool/mail/$LOGNAME (no slash at the end) should give you mbox format if you really like it (you might be the only one around here :-)) cheers, -- Jean Magnan de Bornier |Cours Victor Hugo e-mots: jean at bornier.net|13980 Alleins France T 08 70 39 34 03 |P 06 09 17 35 87 -- gentoo-user@gentoo.org mailing list
[gentoo-user] mail in $HOME/.maildir, why ???
Hi, I'm using sendmail as my mail-server, and I noticed, that mail for users is stored in $HOME/.maildir, not in /var/spool/mail. And each mail is stored as separate file, not all in one file. WHY??? Some mail clients does not look for new mail in $HOME/.maildir with default settings (for example elm, only with -f). Moreover, I expected that all mail will be in /var/spool/mail, so I created /var relatively big and now I see that it is almost empty. Even my pop3 server does not look for new mail in $HOME/.maildir, so no user can download his mail throught pop3... How can I force my mailserver to use /var/spool/mail? Jarry -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] mail in $HOME/.maildir, why ???
Jarry wrote: I'm using sendmail as my mail-server, and I noticed, that mail for users is stored in $HOME/.maildir, not in /var/spool/mail. And each mail is stored as separate file, not all in one file. WHY??? It's called the maildir mail storage format. I find it very useful, especially with big mailboxes... Some mail clients does not look for new mail in $HOME/.maildir with default settings (for example elm, only with -f). Your mailreader must support maildir to read mails from it, of course. But yours seems to do it (with -f), so that's not really a problem, is it? Moreover, I expected that all mail will be in /var/spool/mail, so I created /var relatively big and now I see that it is almost empty. Well, normally your /home isn't that small, so that shouldn't be a problem too... Even my pop3 server does not look for new mail in $HOME/.maildir, so no user can download his mail throught pop3... Again, use a pop3 server which supports maildir, and everything is fine. How can I force my mailserver to use /var/spool/mail? You could add mbox to your useflags and emerge sendmail. If you *really* want to use mbox... Christoph -- echo mailto: NOSPAM !#$.'*'|sed 's. ..'|tr * !#:2 [EMAIL PROTECTED] -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] mail in $HOME/.maildir, why ???
On Wed, 24 Aug 2005, Jarry wrote: Personally I do not see any advantage of it over /var/spool/mail. On the other side, separate partitions for /var (with mail) and /home (with user files) let me define different quotas for mail and files. Well, at least I thought it, until I found out that mail is actually in /home too... There have been many discussions for years about how maildir is superior to mbox format... Im sure Google will help you find them. Not for me, but for my users. Now I have to go through each mailreader and find out how to force it reading mails from .maildir There is probably a global config file for most mailers. BTW, if some users do not have $HOME, where their .maildir will be??? Not all email systems use /var/mail or $HOME, qmail+vpopmail stores email for everyone under /home/vpopmail/domains for example. You could add mbox to your useflags and emerge sendmail. If you *really* want to use mbox... That seem to me to be much easier. First I will find some info about it, but if there is no substantial advantage in using maildirs instead of /var/sool/mail, I will switch to the old mail storage system... We had all sorts of performance problems with mbox format - it is not scaleable, bigger mboxes produce huge loads on the server. I should also mention that maildir is inherently safer over NFS than mbox. Its clear from your posting that you have yet to experience the problems that have caused a lot of server administrators to abandon mbox format. -- -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] mail in $HOME/.maildir, why ???
On Wed, 24 Aug 2005 16:28:08 +0200, Jarry wrote: It's called the maildir mail storage format. I find it very useful, Personally I do not see any advantage of it over /var/spool/mail. On the other side, separate partitions for /var (with mail) and /home (with user files) let me define different quotas for mail and files. Well, at least I thought it, until I found out that mail is actually in /home too... You can have maildir and still keep your mail in /var/spool/mail. In this case, each user has a directory in /var/spool/mail. Are you using procmail for delivery? If so, you need MAILDIR=/var/spool/mail DEFAULT=$MAILDIR/$LOGNAME/ at the top of /etc/procmailrc -- Neil Bothwick Give a man a fish and you feed him for a day; Teach him to use the Net and he won't bother you for weeks. pgpyVJJXyoOMZ.pgp Description: PGP signature
Re: [gentoo-user] mail in $HOME/.maildir, why ???
Neil Bothwick wrote: You can have maildir and still keep your mail in /var/spool/mail. In this case, each user has a directory in /var/spool/mail. Are you using procmail for delivery? If so, you need MAILDIR=/var/spool/mail DEFAULT=$MAILDIR/$LOGNAME/ at the top of /etc/procmailrc Hm, that sounds interesting. I really want to have mails on a separate partition. Thanks for the tip, I will have a look at it... Jarry -- gentoo-user@gentoo.org mailing list
