Re: [exim] Re (n): Configuring for non-encrypted MUA to localhost. TLS-on-connect, exim to smarthost.
On 06/04/2023 18:30, Peter via Exim-users wrote: I should refrain from attempting to send messages as root. Should submit as ordinary user. Correct? Nope. The "don't run as root" thing doesn't affect deliveries done via smtp, only deliveries to file. Deliveries to file have to be done as the owner of the recipient account, so as to have permission to modify their files. But we want to avoid running as root (and sometimes some other privileged users too, which is why it's configurable) because doing so is an attack surface just begging to be scratched. Your deliver-to-smartmost is not that. -- Cheers, Jeremy -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
[exim] Re (n): Configuring for non-encrypted MUA to localhost. TLS-on-connect, exim to smarthost.
From: Jeremy Harris via Exim-users Date: Thu, 6 Apr 2023 17:49:27 +0100 "Delivery" meaning the specific phase of a message going outward from exim, as opposed to being accepted by exim. Consistent with my observation that messages from root are accepted into the queue but not sent to the smarthost. HYPOTHESIZED CONCLUSION I should refrain from attempting to send messages as root. Should submit as ordinary user. Correct? Can the limitation be circumvented without sacrificing security? AIR the user acts as root in Puppy Linux. How is email submitted there? Thx, ... P. -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
