Author: W B Hacker  Date:  To: exim-users  Subject: Re: [exim] Running exim as a user with no username
Mike Cardwell wrote:
> * on the Tue, Feb 21, 2006 at 04:27:04AM +0800, W B Hacker wrote:
>
>
>>I understand the solution, but I was puzzled by your OP as to
>>why you wanted to do this at all (w/r Exim's EUID) - and am
>>still puzzled.
>>
>>Just as background, in my own installations Exim, SA, ClamAV,
>>Dovecot IMAP/POP, and the Webmail daemon each run at all times
>>as their own UID.
>>
>>The end user's ID is not only not used - they don't even *have*
>>one. Even 'postmaster' has to have an entry in the SQL DB.
>>
>>Which is perhaps as diametrically opposite to your approach as
>>it gets - where you run the daemon with no default UID, I handle
>>the users with no UID.
>>
>>Neither criticizing nor advocating either method, as mine is as
>>non-standard as yours is.
>>
>>But hope you can see why I am (still) curious...
>>
>>Care to enlighten?
>
>
> The environment this is running in sounds very different to yours.
> The machines are actually web servers, not mail servers. Exim
> isn't even running as a daemon. The only reason exim is on there
> is so people can send emails from forms. UIDs on the system are
> mapped to usernames via an ldap connection to the Active
> Directory. When someone runs their (hopefully safe) copy of
> formmail.cgi etc they run under a suexec style system so the
> process runs as their own user. At the normal user level they
> don't have access to query the AD. Is this starting to look more
> clear?
>
> Mike
>
I now understand how. I think I understand what for.
'Why Exim' for mere submission of outbound traffic to a foreign
host, and only from a 'known in advance' list/DB of permitted
users, still escapes me. If that is actually the 'what'.
Unless Exim is *also* (but separately) installed to handle
other-than formmail traffic, the whole exercise strikes me as a
bit like potting rabbits with a 16-inch-fifty. Even with free
ammunition, the cost of positioning and aiming the piece is too
great for the gain.
One could use a <language of your choice> tool and no 'full
spec' MTA at all. Or do specialized relay through a single
remote Exim you control for many-many webservers.
Or (my preference) no mail services of any kind on the box,
write the form output to a quarantined file area, and collect
them if-exist and/or at-intervals by file transfer. Or
interested parties login and read/download them via browser,
wiki/forum style.
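The last alternative above (no MTA on the web box; form output goes to a quarantined file area and is collected later) sketched as an added example in Python. This is not code from the thread, from formmail.cgi or from Exim; the directory layout, the field limits and the file-naming scheme are assumptions made here. The writer creates each entry 0600 with O_EXCL under a temporary name and renames it into place, so a collector running at intervals never picks up a half-written entry; the collector moves complete entries into an archive directory and parses them.

```python
"""Form submissions written to a quarantined spool directory instead of
being handed to an MTA.  Added example with a hypothetical layout; not code
from the exim-users thread, formmail.cgi or Exim."""
import json
import os
import re
import secrets
import tempfile
import time

FORM_NAME_RE = re.compile(r"^[a-z0-9_-]{1,32}$")    # assumed naming policy
FIELD_NAME_RE = re.compile(r"^[A-Za-z0-9_]{1,64}$")
MAX_FIELDS = 32          # assumed limits: keep one spool entry bounded
MAX_VALUE_LEN = 4096


def _ensure_dir(path):
    # Spool and archive directories are private to the owning UID (0700).
    os.makedirs(path, mode=0o700, exist_ok=True)


def write_submission(spool_dir, form_name, fields, now=None):
    """Store one submission as a complete JSON file and return its path.

    Raises ValueError on a bad form name, a bad field name or too many
    fields; oversized values are truncated.  The file is created 0600 with
    O_EXCL under a .tmp name and renamed to .json only once fully written.
    """
    if not FORM_NAME_RE.match(form_name):
        raise ValueError("bad form name")
    if len(fields) > MAX_FIELDS:
        raise ValueError("too many fields")
    clean = {}
    for name, value in fields.items():
        if not FIELD_NAME_RE.match(name):
            raise ValueError("bad field name: %r" % name)
        clean[name] = str(value)[:MAX_VALUE_LEN]
    _ensure_dir(spool_dir)
    stamp = int(now if now is not None else time.time())
    base = "%d-%s-%s" % (stamp, form_name, secrets.token_hex(8))
    tmp_path = os.path.join(spool_dir, base + ".tmp")
    final_path = os.path.join(spool_dir, base + ".json")
    record = {"form": form_name, "received": stamp, "fields": clean}
    fd = os.open(tmp_path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "w") as fh:
        json.dump(record, fh)
        fh.flush()
        os.fsync(fh.fileno())
    os.rename(tmp_path, final_path)   # entry becomes visible to collectors
    return final_path


def collect_submissions(spool_dir, archive_dir):
    """Collector step: move every complete entry out of the spool, parse it.

    Only *.json names are taken; .tmp files still being written are left
    alone.  Returns the parsed records in name order (oldest timestamp first).
    """
    _ensure_dir(archive_dir)
    records = []
    for name in sorted(os.listdir(spool_dir)):
        if not name.endswith(".json"):
            continue
        src = os.path.join(spool_dir, name)
        dst = os.path.join(archive_dir, name)
        os.replace(src, dst)          # atomic move within one filesystem
        with open(dst) as fh:
            records.append(json.load(fh))
    return records


def demo():
    """Round trip in a throwaway directory; returns what a collector sees."""
    root = tempfile.mkdtemp(prefix="formspool-")
    spool = os.path.join(root, "spool")
    archive = os.path.join(root, "archive")
    # Constructed sample submission, the kind a formmail-style CGI would take.
    write_submission(spool, "contact", {"name": "Alice", "msg": "hello"},
                     now=1140500000)
    # A path-traversal style form name must be refused outright.
    try:
        write_submission(spool, "../etc", {"x": "y"})
        rejected = False
    except ValueError:
        rejected = True
    # Simulate an entry still being written; it must not be collected.
    open(os.path.join(spool, "9999-contact-deadbeef.tmp"), "w").close()
    records = collect_submissions(spool, archive)
    return {"records": records,
            "leftover": sorted(os.listdir(spool)),
            "rejected": rejected}


if __name__ == "__main__":
    print(demo())
```

The rename step is what makes the at-intervals collection safe; a collector that read `.tmp` files, or a writer that opened the final name directly, could hand a truncated record to whoever downloads the batch.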