Auteur: W B Hacker Date: À: exim users Sujet: Re: [exim] Dovecot authentication
Renaud Allard wrote:
*SNIP*
> In fact, I must admit I would prefer a patch that would let
> dovecot authenticate against exim (which in turn supports
> cyrus-sasl libray even for PLAIN, LOGIN,...).
>
Have care also as to what (system) users Exim and Dovecot run as.
One can cause them to utilize the UID:GID of the end-user for
delivery/retrieval (common).
We prefer running each under its own UID, and as members of a
common group. Virtual users thereby need no system accounts at
all, have no rights to mail storage except as authenticated
clients of Dovecot or Exim, and knowledge of a user's UID cannot
be escalated to non-mail or other-folks-mail on-box access.
Less common, AFAIK.