[lug] Security for Qmail + virtual hosting Courier IMAP?

Eric Peers eric_peers at yahoo.com
Thu Jun 19 10:43:20 MDT 2003


Howdy!

I'm setting up Qmail + Courier IMAP on my box to host
3 websites/domains (mine, my parents', and my
girlfriend's). I'm mildly concerned about security on
the box - not because my girlfriend will hack me, but
I'd like to do it "right" in case somebody else shares
the box with me.

I was reading through the INSTALL and README files of
Courier and I think I'll be using the userdb. This
makes sense to me since I can have a separate password
for a login account vs. a mail account. 

But in order to use userdb, you need to create a vmail
account that owns all of the Maildirs. Ok, fine...
Except I like to be able to see my maildir from a
login shell so that I can grep through files and back
them up to my home/work box. So I figured I would put
maildir into the home directories (default Qmail way
of doing it), and have vmail permissions set to allow
the user/domain owner to look into their
mail directory.

But if I set permissions on the vmail account to allow
a user to view that directory within their home
directory tree, then theoretically I can view my
girlfriend's mail and vice versa. Is there a good way
to make a Maildir visible / accessible from a shell
to the domain owner, make it visible to the virtual
mail account for Courier, and yet make it inaccessible
to the other users?

I figured I could not use virtual accounts and just
use the passwd file straight up, but I hate to be
sending shell login passwords on a mail interface if I
can avoid it.

Thanks!
   --eric
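
The exposure described in the message above can be checked mechanically. The following is an added example, not part of the original post and not Courier or Qmail code: it applies the classic Unix owner/group/other rule to a set of Maildirs and reports which login accounts can browse mail that is not theirs. The account names, paths, modes and the per-owner-group layout used for comparison are all constructed assumptions.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Maildir:
    path: str       # constructed path
    for_user: str   # login account whose mail this is
    owner: str      # file owner (the virtual mail account)
    group: str
    mode: int       # permission bits on the directory, e.g. 0o750

def can_browse(user, groups, d):
    """Classic Unix check: owner bits, else group bits, else other bits.
    Listing and entering a directory needs both r and x (0o5).
    Simplification: parent directories, ACLs and root are not modelled."""
    if user == d.owner:
        bits = d.mode >> 6
    elif d.group in groups:
        bits = d.mode >> 3
    else:
        bits = d.mode
    return bits & 0o5 == 0o5

def unintended_readers(members, maildirs):
    """Return {path: [accounts]} for accounts that can browse a Maildir that
    is neither theirs nor owned by them. `members` maps account -> groups."""
    report = {}
    for d in maildirs:
        extra = sorted(u for u, g in members.items()
                       if u not in (d.for_user, d.owner) and can_browse(u, g, d))
        if extra:
            report[d.path] = extra
    return report

# Constructed layout 1: every shell user is in the shared "vmail" group.
SHARED = {"vmail": {"vmail"}, "eric": {"eric", "vmail"}, "gf": {"gf", "vmail"}}
SHARED_DIRS = [Maildir("/home/eric/Maildir", "eric", "vmail", "vmail", 0o750),
               Maildir("/home/gf/Maildir", "gf", "vmail", "vmail", 0o750)]

# Constructed layout 2 (assumption): each Maildir's group is its user's own group.
PRIVATE = {"vmail": {"vmail"}, "eric": {"eric"}, "gf": {"gf"}}
PRIVATE_DIRS = [Maildir("/home/eric/Maildir", "eric", "vmail", "eric", 0o750),
                Maildir("/home/gf/Maildir", "gf", "vmail", "gf", 0o750)]

if __name__ == "__main__":
    print("shared group: ", unintended_readers(SHARED, SHARED_DIRS))
    print("private group:", unintended_readers(PRIVATE, PRIVATE_DIRS))
```

With the shared group, each shell user shows up as a reader of the other's Maildir; with one group per owner the report is empty while the mail account and the owner both keep access.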




