Re: [Exim] EXIM_USER value in Makefile during building

Top Page
Delete this message
Reply to this message
Author: Wei Wang
Date:  
To: exim-users
Subject: Re: [Exim] EXIM_USER value in Makefile during building
> I think you are missing the point big-time here. EXIM_USER is the name of
> a UNIX user which the Exim daemon will (mostly) run with the permissions
> of. It's definitely not an e-mail address and is not related to the
> handling of e-mails. It's just a relatively unprivileged user, independent
> of the "real" users on your system. The reason why Nico told you not to
> use root is that this would then give the Exim daemon superuser privileges
> on your system, which is not necessary and universally considered a very
> bad idea, primarily from a security point of view.
> What you need to understand is that EXIM_USER is quite a "low-level"
> setting (for want of a better description). It basically sets the
> operating system-level privileges that the Exim SMTP daemon (server) will
> have when running. All the configuration about what domains/email
> addresses/etc. you will handle and how this is done is done at a later
> stage via the runtime configuration file exim.conf.
>
> Basically, don't get bogged down too much with this EXIM_USER setting. You
> just need to do create a new UNIX user "exim" and then set EXIM_USER=exim,
> or, as Nico said, you could use the user "mail" which is commonly set up
> on many systems for this purpose. Then compile Exim and (more or less)
> forget about it.


Tim, thank you very much for your minute and patient explanation. Now I have
understood that EXIM_USER is olny used to specify the privilege that the
Exim daemon
would run with. I think I'm just lack of some basic understanding of how the
daemons work
in Linux. I guess every daemon is run by a specific user so that the
privilege management of each
daemon would come down to managing the privileges of these users.

>
> What system are you using BTW? Red Hat? Debian? Something else?


I am running Mandrake 9. Having just transfered from the Windows world, I
guess I have a lot
of weird questions.


>
> Have you read the Exim manual? This explains installation, configuration
> etc. in quite some detail.


I didn't find the part in the Exim specification that explains that
EXIM_USER
specifies the privilege that Exim daemon runs with. It only mentions:

There are three settings that you must supply, because Exim will not build
without them. They are the location of the run time configuration file
(CONFIGURE_FILE), the directory in which Exim binaries will be installed
(BIN_DIRECTORY), and the identity of the Exim user (EXIM_USER and maybe
EXIM_GROUP as well).


>
> > every user on my linux box has to configure, build
> > and install his/her own copy of Exim with setting the EXIM_USER as
> > his/her own email address?
>
> Definitely not.
>
> > My naive understanding about this was that "fetchmail" would indicate
> > which email address to fetch email from, where each user
> > on my linux box could set his/her own email address in the personal
> > .fetchmailrc file. Then all my linux box's users' email would all
> > be sent to port 25 where Exim is acting as an SMTP server, listening at
> > port 25. In that case, there should only be one SMTP server running
> > on my linux box.
>
> Yes, you're more or less right here (assuming you want to fetch some mail
> via POP/IMAP/etc from a remote server with fetchmail, and deliver it to a
> local user). You can have many users with fetchmail, all with their own
> preferences etc. Then fetchmail will (depending on your settings) connect
> to the SMTP server (Exim, running as user "exim" if you set it up that
> way) and will send the mails on, indicating in the SMTP RCPT command (this
> is part of the SMTP dialogue) which user the mail is destined for. What
> happens to it from then on depends on how you have set up exim.conf, but
> let's cross that bridge when we come to it - get Exim compiled and
> installed first.


I'm actually doing my final year project on collaborative spam filtering, a
bit like vipur's razor.
My plan about testing this is to set up 20 users on my linux box, and apply
for 20
hotmail account. And have each of the 20 users fetch email from one hotmail
account
to every user's username@localhost using "gotmail"(which acts like
fetchmail, at least
with my understanding).
Then each user would use mutt to access it's own /var/spool/mail/username
and label out
spam emails or pick out misclassified spam emails, etc.

Of course first of all I have to get fetchmail and Exim up and running.

Many many thanks,

Wei


>
>
> Tim
>
>
> --
>
> ## List details at http://www.exim.org/mailman/listinfo/exim-users Exim

details at http://www.exim.org/ ##
>