Re: [Exim] Using Exim4, Maildrop and Debian

Pàgina inicial
Delete this message
Reply to this message
Autor: Greg Folkert
Data:  
A: Exim List
Assumpte: Re: [Exim] Using Exim4, Maildrop and Debian
--
On Tue, 2003-09-30 at 13:49, Andreas Metzler wrote:
> On Tue, Sep 30, 2003 at 12:25:00PM -0400, Greg Folkert wrote:
> > I have figured out a fix for getting maildrop to work as a router
> > through exim 4.22 (being an MDA). I believe it comes down to a packaging
> > error in Maildrop (or courier-maildrop actually).
>
> > If in using this in the conf:
>
> > require_files = ${local_part}:${home}/.mailfilter:/usr/bin/maildrop
> >
> > Gives you defers, versus:
> >
> > require_files = ${local_part}:${home}/.mailfilter:+/usr/bin/maildrop
>
> That is what I ship in
> /etc/exim4/conf.d/router/800_exim4-config_maildrop (but I do not know
> why ;-)
>
> > Skipping over the whole router you are going to need to change:
> >
> > -r-s--x--x    1 root    daemon     153256 Sep 11 17:42 /usr/bin/maildrop

> >
> > to:
> >
> > -r-sr-xr-x    1 root    daemon     153256 Sep 11 17:42 /usr/bin/maildrop

>
> That file permissions are indeed buggy (policy 10.9), afaict but see
> (***).



> However I have no idea where the error comes from. I can stat()
> a file as unpriviledged user even if it is 4111, i.e.
>
> if (0==stat("/usr/bin/maildrop",foo))
>                 return(0);
> else
>                 return(1);

>
> will exit successfully with 0 even if running unpriviledged. What am I
> missing, is exim doing doing a special variant of stat?


Good question to ask Philip.

> [...]
> > What are the odds, Andreas maintains courier-maildrop as well? Hope
> > not.
> [...]
>
> ;-) I don't - one MTA is enough for me.
>

Good.

> (***) Shouldn't you be running the normal "maildrop" package?
> | The installation of this package is recommended only for using it in
> | conjunction with the sqwebmail package. Please use the standalone
> | maildrop package otherwise.
> Perhaps sqwebmail requires these strange permissions.


I've looked at sqwebmail and see no reason for it being that way either.
Of course only really cursory. But, installing the "maildrop" package
does indeed look better to me:

-rwxr-sr-x    1 root     mail     137640 Jul 13 18:18 /usr/bin/maildrop


That is what I expected to see to begin with.

--
greg, greg@???
REMEMBER ED CURRY! http://www.iwethey.org/ed_curry

The expanse of your intelligence is a void no universe could ever fill.
--
Content-Description: This is a digitally signed message part

[ signature.asc of type application/pgp-signature deleted ]
--