Hello, Christopher
On the right of a person who had successfully run rootless sendmail
installations for many years,
please find some comments below.
On 2020-04-26 12:30, Christopher Zimmermann wrote:
Thanks for giving it a thought. I'm not entirely convinced either. But
believe some thought should be given to it.
In your opinion would it be generaly a bad idea to try run smtpd
without root privileges?
What exectly will cease to work?
- .forward and alias _filtering_ will break for sure.
not necessarily. at least as long as users will have smtpd and their
.forward and in the same group and you've documented it. also, .forward
and authentication could be handled by a separate daemon bound to unix
socket only, which won't listen to outside world. or even better,
separate all the functions, that usually need root access to such
daemon(s).
the only thing was broken for me in sendmail's case, was mbox
deliveries. but AFAIR, that was solved by having patched version of
mail.local.
--
With best regards,
Gregory Edigarov
