Brian,
We're sort of doing this here, though we're not chrooting users (or their
primary spools) to their $HOME/mail directories.
Most of our users are still using POP3 (qpopper), however we have some which
roam from machine to machine, therefore IMAP is better suited for them (it
just eliminates the possibility of client-side filters, which is why
everyone doesn't use it yet).
We've implemented IMAP using the UW server which was packaged (and updated)
with RedHat, therefore it defaults to $HOME. Sanitizer is still called
through /etc/procmail.rc on our system (keeping it simple). Then individual
users who have filters have a $HOME/.procmailrc. Subfolders have been
created in $HOME/mail and the IMAP client has been configured to view
subfolders in the same location. As for not granting other logins, I've
simply set the shell to /bin/false to those users. That has suited our needs
thus far. Because they have no shell access, I'm less concerned about
chrooting the user. We do have to be sure to set the default server path
within the client to ./mail within our setup, and other $HOME files are
accessible.
If you want to force the server to look in a set location, you will most
likely need to compile the server in that fashion. UW requires you to change
the source itself (see docs/CONFIG on changing the "mailsubdir" variable).
Other IMAP daemons will probably differ, however.
You didn't specify if you were trying to dump INBOX within $HOME/mail as
well. That would probably require a change at the procmail level, as well as
the IMAP daemon, since the daemon would then need to know to look in
$HOME/mail for the primary spool as well as other mail files vs
/var/spool/mail.
Hope my rambling helps just a tad. Feel free to add/change/delete as needed.
-Rick
-------------------------------------------------------
Rick Johnson - 39842@xyz.molar.is
Linux/WAN Administrator - Medata, Inc.
----- Original Message -----
From: "Brian Schonecker" <39881@xyz.molar.is>
To: <39926@xyz.molar.is>
Sent: Monday, April 08, 2002 8:02 AM
Subject: [anomy-list]: Sanitizer & IMAP anyone?
...considering moving my company's primary email access to IMAP server.
Anyone using sanitizer/IMAP?
So far, I've been able to get the IMAP server to start but my mail delivery
location is in $HOME and I want to 'chroot' it to $HOME/mail so that users
cannot access their $HOME files. This is a Linux server that is used only
for mail access and doesn't allow logins from the outside (other than
console).
Anyone doing this already? Caveats?
Brian