Re: [Exim] Replacing sendmail on RH 6.0

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Nigel Metheringham
Date:  
À: stuart.children
CC: exim-users
Sujet: Re: [Exim] Replacing sendmail on RH 6.0
stuart.children@??? said:
> If you've got a reason why not, please state it - then I explain my
> reasoning better. I assume however, that you're referring to the
> possible problems that Otavio alluded to. As I said in my reply to
> his message, I don't have users with names that could cause problems.
> I just prefer to have all the exim things together. There's no real
> reason why I couldn't seperate the exim and mail spools... but why
> should I if there's no problem with my setup? To be complete safe?
> Sure, but I'm not that worried on this particular system.


You have two disparate functions in the same directory - I would call
that dangerous - specifically I think it could be used to craft an
interesting security attack. As exim is a large setuid program doing
this like this is unwise.

If you want to put all your mail related things together, then rather
that having /var/spool/exim as both your delivery mail spool and
transit mail base directory, put an additional level of heirarchy in
place - ie make your delivery mail spool be /var/spool/exim/delivery or
something. Personally I would still make them separate.

    Nigel.
-- 
[ Nigel Metheringham                  Nigel.Metheringham@??? ]
[ Phone: +44 1423 850000                         Fax +44 1423 858866 ]