anomy-list

Re: Sanitizer & IMAP anyone?

From: Rick Johnson (39842@xyz.molar.is)
Date: Mon 08 Apr 2002 - 15:46:36 UTC

  • Next message: D. J. Hagberg: "Re: Sanitizer & IMAP anyone?"

    Brian,

    We're sort of doing this here, though we're not chrooting users (or their
    primary spools) to their $HOME/mail directories.

    Most of our users are still using POP3 (qpopper), however we have some which
    roam from machine to machine, therefore IMAP is better suited for them (it
    just eliminates the possibility of client-side filters, which is why
    everyone doesn't use it yet).

    We've implemented IMAP using the UW server which was packaged (and updated)
    with RedHat, therefore it defaults to $HOME. Sanitizer is still called
    through /etc/procmail.rc on our system (keeping it simple). Then individual
    users who have filters have a $HOME/.procmailrc. Subfolders have been
    created in $HOME/mail and the IMAP client has been configured to view
    subfolders in the same location. As for not granting other logins, I've
    simply set the shell to /bin/false to those users. That has suited our needs
    thus far. Because they have no shell access, I'm less concerned about
    chrooting the user. We do have to be sure to set the default server path
    within the client to ./mail within our setup, and other $HOME files are
    accessible.

    If you want to force the server to look in a set location, you will most
    likely need to compile the server in that fashion. UW requires you to change
    the source itself (see docs/CONFIG on changing the "mailsubdir" variable).
    Other IMAP daemons will probably differ, however.

    You didn't specify if you were trying to dump INBOX within $HOME/mail as
    well. That would probably require a change at the procmail level, as well as
    the IMAP daemon, since the daemon would then need to know to look in
    $HOME/mail for the primary spool as well as other mail files vs
    /var/spool/mail.

    Hope my rambling helps just a tad. Feel free to add/change/delete as needed.

    -Rick
    -------------------------------------------------------
    Rick Johnson - 39842@xyz.molar.is
    Linux/WAN Administrator - Medata, Inc.

    ----- Original Message -----
    From: "Brian Schonecker" <39881@xyz.molar.is>
    To: <39926@xyz.molar.is>
    Sent: Monday, April 08, 2002 8:02 AM
    Subject: [anomy-list]: Sanitizer & IMAP anyone?

    ...considering moving my company's primary email access to IMAP server.

    Anyone using sanitizer/IMAP?

    So far, I've been able to get the IMAP server to start but my mail delivery
    location is in $HOME and I want to 'chroot' it to $HOME/mail so that users
    cannot access their $HOME files. This is a Linux server that is used only
    for mail access and doesn't allow logins from the outside (other than
    console).

    Anyone doing this already? Caveats?

    Brian



    hosted by molar.is