On 2007-08-12 at 13:17 +0200, Roland Illig wrote:
> for mailboxes:
> /var/mailboxes/$domain/$local_part/{new,cur,tmp}
>
> for redirections:
> /var/mailboxes/$domain/$local_part
> (a regular file containing the redirections)
[...]
> This setup would ensure that no user can have both a mailbox and a
> redirection at the same. But when I looked at the exim source code, I
> figured out that exim tries to be too clever for me, and that it treats
> all errors except ENOENT as a fatal failure. (For redirections, the
> error is ENOTDIR.)
>
> Is there some clever way to keep my directory layout?
condition = ${if eq{${substr_0_1:${extract {smode}{${stat:XXX}}}}}{d}}
where for you XXX will be /var/mailboxes/$domain/$local_part but you
probably want to consider double-checking your receive ACLs to ensure
that you're not accepting LHSs such as "../../../../../etc/passwd"
(which the default config protects against) and putting this into an
appropriately named macro, with cross-reference comments at the macro
definition and the ACL check to ensure that the mailadmin who replaces
the person who replaces you, one day, doesn't do something incredibly
stupid[*]. Always exercise extreme caution when mapping unauthenticated
remote data directly into a filesystem namespace.
So this does a stat() on the path, gets the stringified mode (eg,
"drwxr-xr-x"), extracts the first character and looks to see if it's
"d".
There's probably a better way which I just can't see whilst my brain is
not functioning on all cylinders.[**]
-Phil
[*] Memo to self: must learn to write shorter sentences
[**] Popular belief has it that this is the normal state of affairs
