[lug] postfix aliases, best practices?
D. Stimits
stimits at comcast.net
Wed Dec 27 17:53:33 MST 2006
bgiles at coyotesong.com wrote:
>Just to be clear, I'm referring to (internal only?) redirect to a common
>account, not separate queues. I don't think any processes actually send
>mail to any account other than 'root', but it's cheap insurance.
>
>
>
Hmm...so then is there some sort of security issue solved by having
aliases for all of the system accounts which redirect to a real user? It
sounds like it avoids some sort of exploit from sending email to system
accounts...but if so, why not just make those account names always
bounce as non-existent?
...
>>>I think you need an entry for every account in /etc/passwd. I don't
>>>recall, off the top of my head, how to only define the accounts
>>>internally.
>>>
>>>
Seems that the default aliases file actually defines several not even in
the passwd file (e.g., sales).
I probably need to pick up a book on postfix config. Some of the
documentation is fairly clear and simple, but it often lacks information
about why they do things certain ways.
D. Stimits, stimits AT comcast DOT net
More information about the LUG
mailing list