> I'm interested in this, too. I've been playing with the idea of using
> an IP acl to allow the designated mail host to write in my Mail directory
> so I don't have to keep a live token around all the time. (Said host not
> globally login-able except by admins.) But I've not yet found the magical
> minimal set of acl permissions needed to allow slocal to do its work. I'm
> beginning to wonder if "r" access is necessary. With "liw" messages get
> delivered, but the Unseen-sequence doesn't get updated. Has anyone else
> tried this approach? Or found a better one?
I have all mail delivered (on a very secure host) through a filter which
activates a saved admin token. (The token is refreshed at eight-hour
intervals.) The filter program checks that the user's .Mail directory
is not a mount point, that he has enough space in his volume to receive
the mail, and so on. It then creates a lockfile, appends the mail to
the incoming folder, and removes the lockfile. Among the problems I
faced were old lockfiles (delete them after some safe interval) and the
difficulties of getting the delivery agent (PP) to do sensble things
when errors occur (such as not to stop all incoming mail when one user's
mail directory becomes inaccessible).
I made the source available some time ago, and I have just placed them,
along with a README file, in
/afs/transarc.com/public/afs-contrib/src/manch-cc/mail-delivery for
anyone else to play with.
-- Owen
[EMAIL PROTECTED]
