Tom Collins wrote:
On Apr 14, 2006, at 9:57 AM, Ken Jones wrote:
kengheng wrote:
When I add a domain using vadddomain -u <domain>, I have to change
the permission of /var/qmail/vpopmail/etc/vpopmail.mysql to o+r ?
Thanks.
Yes. By default, and for security reasons,
the ~vpopmail/etc/vpopmail.mysql file is only readable
by the vpopmail user.
If you add any domain under a different user, that user
will need access to that file.
You could either grant access to all users, or you could
make sure the vchkpw group has access and include the new
user in the vchkpw group.
Note that making it world-readable opens up a dangerous security
hole. If someone can get access to the server, they can learn the
username and password for the entire vpopmail database. If that
server just does email, and only admins have access/accounts, then
it's less of a risk. Doing it on a server that does web hosting and
allows users to upload their own cgi scripts would be very dangerous.
--
Tom Collins - [EMAIL PROTECTED]
QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/
I agree with Tom, it will lead to more threats available. I'm using
vadddomain -u option is for system based quota control, if the -u is not
suitable in this scenario, what else can be used to control the mail
quota since the vpopmail is not plan to add the domain quota function.
Thanks.
