Re: [exim] never_users list

On 2008-08-19 at 06:26 -0700, 91change wrote:
> i have set in Local/Makefile
>
>
> EXIM_USER=0
> EXIM_GROUP=0

This is bad, this means that you're telling Exim that it should
routinely run as root.

> NEVER_USERS=root

> where actually root comes into play ?

Exim is running as its built-in user for the remote_smtp transport, so
it's using EXIM_USER, so it's using root because that's how you built
it.

Typically Exim runs as a dedicated user; "exim", "Debian-exim" or
"mailnull" are three examples seen widely. If you really can't create a
new user, then you might be able to get away with the "mail" user if
that exists.

If you can guarantee a usercode but not a userid, note that you can use
"ref:" to build the usercode into the binary and defer checking the
userid until runtime. Eg, EXIM_USER=ref:mailnull

-Phil