On 2005-08-25, at 0900, Tijs Zwinkels wrote:

I am currently trying to use vpopmail 2.4.12 with mysql authentication. I want to store the mail in the user-directories, to make mail count for the
system-quota's. Therefore i'm using the vadddomain -u flag.

you do realize that vpopmail stores an entire DOMAIN under one system userid, rather than each MAILBOX under its own system userid? the only reason for doing this is if you need a filesystem quota to control the domain at large, rather than (or in addition to) a separate quota for each mailbox.

i tried this once... if users have access to their Maildir, either through a shell or through FTP, they will find them and mess them up- deleting a "tmp" directory from a folder here, or deleting their Maildir in an attempt to "clean up their disk space"...

i found it easier to make a separate repository for mailboxes (say, inside of the vpopmail's home directory) and give each user two quotas- one for mail, and one for FTP and web stuff.

I'm getting errors about not being able to read the vpopmail.mysql file.

For domain created without the -u option, or if i make the vpopmail.mysql file
world readable, everything works fine.

normally this file has its ownership and permissions set so that it can only be read by the vpopmail user. if you're using specific system userid's for one or more domains, those userid's must also be able to read the file.

It seems that both qmailadmin and the delivery process 'setuid' to the user that's receiving the mail. The problem is: the vpopmail.mysql file isn't
readable by 'normal' users.

ah. you already understand the problem them.

Nor i want it to be readable by my users: With the information in this file,
they could logon and alter the database for every user on the system!

Any ideas on how to handle this?

don't use separate system userid's for each domain.

| John M. Simpson - KG4ZOW - Programmer At Large |
| http://www.jms1.net/           <[EMAIL PROTECTED]> |
| Mac OS X proves that it's easier to make UNIX  |
| pretty than it is to make Windows secure.      |

Attachment: PGP.sig
Description: This is a digitally signed message part

Reply via email to