On Thu, Jun 02, 2005 at 11:36:02AM -0400, Tim Macrina wrote:
I do have one more question, who/what needs to have perms to
write to the folder since it will be handling spam for all
users on my system? All of my mailusers are in a group called
mailusers so I assume if I gave that group write perms then I
would be ok, right? Thank you
Sean Straw has answered this. If you are running as an elevated
user using the /etc/procmailrc or its functional equivalent, you'd
have the power. That is not (as Sean also said) to say you
should use it. It is an ethical violation to show users other
users' email, even spam. In some places -- for example, the
country I'm writing from as a resident -- it is even illegal.
Moreover, there are security issues with the elevated users'
writing files that will be accessible to non-elevated users.
At the least, you should ensure the file perms are dummied-down
to the minimums required and the ownership changed to something
appropriate (not "root"!) I strongly suggest you read a good
sysadmin book for starters. This stuff is neither trivial nor
easy to just toss off half-baked solutions with a minimum of
attention to detail and rigor.
You said (I cut that part) you are new to Unix/Linux and mailing
lists. I have nothing against being new -- everybody's new at
something sometime. But I have to wonder at the picture dancing
in my head of a non-knowledgeable user administering a mail server
used by other users. I'm seeing bulls in china shops in my brain.
Again, no insult intended, and I do need more coffee, that I'll
grant. Let's just say my cautions are all raised.
Have you read Nancy McGough's excellent procmail QuickStart guide?
procmail mailing list Procmail homepage: http://www.procmail.org/