Control: block 822683 by 818377 Hi,
I've recently migrated my Courier MTA setup to stretch and had to go through a few hoops to get it to work, again. An important aspect was the courier-maildrop dump. With the packager's hat on, I'm also all for the drop and don't want to re-duplicate sources. This however means I'd like maildrop to handle the courier use case. The good news is: my virtual mail delivery setup via maildrop works if only I enable HAVE_COURIER for my custom-built maildrop package. Reading the sources, it doesn't seem feasible to just enable HAVE_COURIER for the general maildrop build, though. So I'd like to discuss some options that spring to mind: * change HAVE_COURIER into a dynamic flag: this might well have security implications that I'm unaware of. Note, however, that the courier-maildrop was SUID on root, while maildrop only has the SGID bit set for group 'mail'. So courier-maildrop was *more* of a security risk, not less. This could (or should?) possibly be extended by some mechanism that automatically detects whether or not courier is calling the maildrop executable. Extended (or different) behaviour could be prohibited for a non-courier caller. * build two different binaries from the maildrop source, one as it is, the other with HAVE_COURIER enabled. Are there other options? I'm certainly willing to help and hope to find a solution for stretch that fixes the courier use case. Kind Regards Markus Wanner
signature.asc
Description: OpenPGP digital signature
