On Sat, January 23, 2016 1:29 pm, Adam Wolk wrote: > Hi misc@ > > I'm using OpenSMTPD setup according to [1]. OpenBSD's security(8) keeps > complaining on the way I setup my maildir on the host. > > TL;DR: why u+x on users maildir is considered a bad practice? > > Running security(8): > > Checking mailbox ownership. > user mulander mailbox is drwx------, group mulander > user nemessica mailbox is drwx------, group nemessica >
My guess is that since the system uses mbox format mail storage, it's expecting /var/mail/* to be *files* not folders in which case you wouldn't want them to be executable. If you want to put dovecot mail in var, use a directory other than the system location. Tim.

