Re: How to Configure Qmail on Fedora Core 1 Server

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On or about 2004-07-27 10:06, Alexander Dalloz whipped out a trusty #2 pencil and scribbled:

Am Di, den 27.07.2004 schrieb Fritz Whittington um 16:51:



At least one point, which is major to me :-) Buried in the sample configuration file for dovecot is a comment that the refusal to serve mail for root is compiled into the binary, no matter that it seems to allow for it in the configuration. I have a small private network of 5 machines in my office, and I wish to read *all* my email from several accounts in one Mozilla profile running on a Windows 2000 machine (mostly because it's by far the fastest of my lot). Even if there *were* any possible security issues here (which I am convinced there are not), I don't like this decision taken out of my hands. (I suppose I could hack the dovecot sources and re-build it.) But it's simpler to use qmail, which has a configuration option for this. (I am willing to *briefly* debate the security (non-)issues of this, if anyone cannot see for themselves; but I refuse to debate any "political" issues about FOSS, Dan B., or etc/usw.)



Right, a debate about DJB's habit would lead to nothing ;)

But I can't understand your argument against dovecot. It is a good and
custom practice to alias the root account to a normal unprivileged user
account. This is done in the aliases file which is respected by the MTA.
The IMAP/POP3 daemon has nothing to do with it.

Alexander


While it may be a "good and custom practice" under some situations, it seems like a work-around that I don't need. I understand that the alias just moves root's mail to another user's mbox, so that it can be read by that user. In the days of DEC VT-10x and -2xx "smart" terminals, there could well be good security reasons for root not to read his mail while logged in as himself. In my situation, reading root's mail via pop3s over a *totally* secure LAN (I can see every cable with my naked eyes while sitting at the desk) and on a Windows machine, no less, seems even more secure than is required. It's easier and simpler to keep root's inbox and mail segregated from my "regular" Linux user's inbox, as well as from my other email accounts. Having options in the config file to define the available users, with the default starting at user 500 is a good protection for naive installers, but having root excluded by compilation from being configured by a non-naive installer just rubs me the wrong way.

Secondly, if there are instructions for setting up postfix, sendmail, and dovecot that are as easy to use as the ones for qmail at qmailrocks.org, I have yet to find them. While I enjoy using Linux, I don't wanna make a career out of it. I'm retired from a long career of computer systems engineering; I'm tired of working *on* systems, would like to work *with* the systems for a change :-)

--
Fritz Whittington
Fear not those who argue but those who dodge. (Marie Ebner von Eschenbach, Aphorisms, 1905)

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux