[tpop3d-discuss] tpop3d, sendmail and owner of mailbox

Chris Lightfoot chris at ex-parrot.com
Wed, 14 Nov 2001 09:51:47 +0000


On Wed, Nov 14, 2001 at 09:36:09AM +0000, Paul Warren wrote:
> On Wed, Nov 14, 2001 at 12:42:11AM +0100, Zdenek Pizl wrote:
> > Hmm, everything above is clear to me. A big problem for me
> > is that I am running sendmail. This MTA writes every mail
> > into ONE directory, one file per user. There is no domain
> > mail on my system ...
> > 
> > Could you explain to me how to set this? I am still thinking
> > that using sendmail means every mailbox in
> > /var/spool/mail is owned by particular users (even though they
> > could be from the same virt. domain).
> 
> If you don't have any virtual email domains then the setup should be
> straightforward.  You don't need to use MySQL at all - you just need to
> configure tpop3d to use "auth-pam" as its authentication mechanism.

This is accurate. A sample config file for a sendmail
system looks like:

listen-address:      0.0.0.0:pop-3
max-children:        8
auth-pam-enable:     yes
auth-pam-facility:   tpop3d
auth-pam-mail-group: mail

and /etc/pam.d/tpop3d looks like

#%PAM-1.0
auth       required     /lib/security/pam_pwdb.so shadow nullok
account    required     /lib/security/pam_pwdb.so

The reason that mail-group can be chosen in the above way
is that on some systems, /var/spool/mail is group mail,
g+w, so that a program needs to be setgid mail to write a
lock file. On other systems, /var/spool/mail is 1777, a
far more sensible default, and anyone can write a lock
file into /var/spool/mail.

-- 
 Crash programs fail because they are based on theory that, 
 with nine women pregnant, you can get a baby in a month.
   (Wernher von Braun)
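
Added example, not part of the original message or of tpop3d: a shell check that inspects the spool directory's mode and group and reports which of the two cases described in the message applies, printing the auth-pam-mail-group line when the directory is group-writable only. It assumes GNU coreutils stat; spool_lock_policy and its output keywords are hypothetical names.

```shell
#!/bin/sh
# Added example (not from the original message or from tpop3d).
# Classifies a mail spool directory by who may create lock files in it.
# Assumes GNU coreutils stat; spool_lock_policy is a hypothetical name.

spool_lock_policy() {
    dir=$1
    [ -d "$dir" ] || { echo "not-a-directory"; return 2; }

    info=$(stat -c '%a %G' "$dir") || return 2
    mode=${info%% *}      # octal permissions, e.g. 1777 or 775
    group=${info#* }      # owning group name, e.g. mail
    m=$((0$mode))         # leading 0 makes the shell read it as octal

    if [ $((m & 0002)) -ne 0 ]; then
        if [ $((m & 01000)) -ne 0 ]; then
            # 1777-style: anyone may create a lock file, and the sticky bit
            # stops users removing each other's files. No mail group needed.
            echo "no-mail-group-needed"
        else
            # World-writable without the sticky bit: locking works, but any
            # user can delete or replace another user's mailbox.
            echo "world-writable-no-sticky"
        fi
    elif [ $((m & 0020)) -ne 0 ]; then
        # Group-writable only: the POP3 server must run with this group to
        # write lock files, which is what auth-pam-mail-group selects.
        echo "auth-pam-mail-group: $group"
    else
        # Only the directory owner can create lock files here.
        echo "owner-only"
    fi
}

# Stand-alone use: sh check.sh /var/spool/mail
if [ $# -gt 0 ]; then
    spool_lock_policy "$1"
fi
```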