On Tue, 2004-07-27 at 09:12, Fritz Whittington wrote: > > > While it may be a "good and custom practice" under some situations, it > seems like a work-around that I don't need. I understand that the alias > just moves root's mail to another user's mbox, so that it can be read by > that user. In the days of DEC VT-10x and -2xx "smart" terminals, there > could well be good security reasons for root not to read his mail while > logged in as himself. In my situation, reading root's mail via pop3s > over a *totally* secure LAN (I can see every cable with my naked eyes > while sitting at the desk) and on a Windows machine, no less, seems even > more secure than is required. It's easier and simpler to keep root's > inbox and mail segregated from my "regular" Linux user's inbox, as well > as from my other email accounts. Having options in the config file to > define the available users, with the default starting at user 500 is a > good protection for naive installers, but having root excluded by > compilation from being configured by a non-naive installer just rubs me > the wrong way. > > Secondly, if there are instructions for setting up postfix, sendmail, > and dovecot that are as easy to use as the ones for qmail at > qmailrocks.org, I have yet to find them. While I enjoy using Linux, I > don't wanna make a career out of it. I'm retired from a long career of > computer systems engineering; I'm tired of working *on* systems, would > like to work *with* the systems for a change :-) ---- It seems pretty clear that security stems from redundant methodology to ensure that if one thing goes wrong, another logical measure is adequately empowered. Sometimes, the desire to protect a system against inexperienced administrators that would cause the default configuration or compiled options to deny root access. All you need to do is to create another account 'foo' and alias root's mail to foo. The foo account need not even have a valid shell to send/receive email. You can set up an MUA to use foo as if it were root and it would make no difference at all - except that mail read as foo would not have root's privileges. Thus your argument about working 'with' or 'on' really doesn't hold water. Craig