[lug] postfix aliases, best practices?

Hugh Brown hugh at math.byu.edu
Wed Dec 27 19:46:18 MST 2006


D. Stimits wrote:
> bgiles at coyotesong.com wrote:
> 
>> Just to be clear, I'm referring to (internal only?) redirect to a common
>> account, not separate queues.  I don't think any processes actually send
>> mail to any account other than 'root', but it's cheap insurance.
>
> Hmm...so then is there some sort of security issue solved by having 
> aliases for all of the system accounts which redirect to a real user? It 
> sounds like it avoids some sort of exploit from sending email to system 
> accounts...but if so, why not just make those account names always 
> bounce as non-existent?
> ...

I don't think there is a security issue for having aliases for system 
accounts.  Someone correct me please, but I think the only alias you are 
"required" to have is postmaster to be RFC 822 compliant.  Otherwise, 
mail gets delivered if there's an account in /etc/passwd (used 
generically to mean your auth store) or if there's an entry in the 
aliases file (ignoring all the fun of virtual domains).

If you want the /etc/passwd user to get the mail in a spool all her/his 
own (regardless of system account status), then don't put an entry in 
/etc/aliases for them.  If you want to receive mail for an "account" 
that doesn't exist in /etc/passwd, add an alias (like sales, info, ...). 
If you want to get mail for a daemon to go somewhere other than the 
user account that it runs as, set up an alias.  If you don't want to 
receive mail for a system account, set up the system to bounce mail to 
that user.

There is a lot of software that logs by mailing to the root user, so 
that's useful to capture by aliasing the root user to an account that 
you read.

Here's what my postfix install came with from Debian:

# /etc/aliases
mailer-daemon: postmaster
postmaster: root
nobody: root
hostmaster: root
usenet: root
news: root
webmaster: root
www: root
ftp: root
abuse: root
noc: root
security: root
root: <mylocalusername>


I found a CERT site that says, if you aren't using the entry, then 
remove it (for whatever that's worth).  So everything other than 
postmaster is for your convenience (whether it be for logging or making 
it easier for others to contact you e.g. abuse, webmaster, hostmaster, ...).

The DNS registries also want the email address(es) in your domain 
record(s) to go to someplace real, but that's not always widely followed 
(mostly because unscrupulous types harvest the whois data for email to 
send spam to).

FWIW,

Hugh
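
Added example, not part of the message above or of any Postfix tooling: a small audit of an aliases file that follows each chain (mailer-daemon to postmaster to root to a real user) and reports where the mail finally lands, plus entries that end at no account or loop. It assumes targets are plain local names only (no remote addresses, pipes, files or :include:) and reports any revisited name as a loop; the sample data and the function names are constructed.

```python
# Constructed sample modelled on the listing above; "alice" stands in for <mylocalusername>.
SAMPLE_ALIASES = """\
# /etc/aliases
mailer-daemon: postmaster
postmaster: root
root: alice
sales: bob,
    carol
loop-a: loop-b
loop-b: loop-a
"""
SAMPLE_USERS = {"root", "alice", "bob", "nobody"}  # stand-in for /etc/passwd names

def parse_aliases(text):
    """Parse 'name: target, target' lines; indented lines continue the entry."""
    aliases, current = {}, None
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue
        if raw[0].isspace() and current is not None:
            targets = raw
        else:
            current, _, targets = raw.partition(":")
            current = current.strip().lower()
        aliases.setdefault(current, []).extend(
            t.strip() for t in targets.split(",") if t.strip())
    return aliases

def resolve(name, aliases, users, seen=()):
    """Follow one alias chain; return (final local mailboxes, problems found)."""
    key = name.lower()
    if key in seen:
        return set(), {"alias loop at " + key}
    if key not in aliases:
        if key in users:
            return {key}, set()
        return set(), {"no local user or alias: " + key}
    boxes, problems = set(), set()
    for target in aliases[key]:
        found, bad = resolve(target, aliases, users, seen + (key,))
        boxes |= found
        problems |= bad
    return boxes, problems

def audit(text, users):
    """Resolve every alias; postmaster is checked even when it has no entry."""
    aliases = parse_aliases(text)
    report = {name: resolve(name, aliases, users) for name in aliases}
    report.setdefault("postmaster", resolve("postmaster", aliases, users))
    return report
```

Calling `audit(SAMPLE_ALIASES, SAMPLE_USERS)` returns one `(mailboxes, problems)` pair per alias name; on a real host the two inputs would come from the aliases file and the account database.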


