comparison README.postfix @ 780:ddae562f7cf0
Document why 'nobody' is inappropriate and capitalise a few things
author | Ben Schmidt |
---|---|
date | Mon, 15 Nov 2010 10:11:28 +1100 |
parents | fdc57c9e5f56 |
children | 58d726e86650 |
779:93d445688ebe | 780:ddae562f7cf0 |
---|---|
1 README.postfix Dec 16th 2009 | 1 README.postfix Dec 16th 2009 |
2 | 2 |
3 POSTFIX ISSUES | 3 POSTFIX ISSUES |
4 | 4 |
5 The main issue with Postfix and mlmmj is the mlmmj requirement that | 5 The main issue with Postfix and Mlmmj is the Mlmmj requirement that |
6 the mlmmj executables must be executed by root or the owner of the | 6 the Mlmmj executables must be executed by root or the owner of the |
7 list directory. | 7 list directory. |
8 | 8 |
9 This is at odds with Postfix. The standard local delivery mechanism | 9 This is at odds with Postfix. The standard local delivery mechanism |
10 for Postfix is local(8) that ships with Postfix. According to | 10 for Postfix is local(8) that ships with Postfix. According to |
11 local(8) delivery to external programs is done on behalf of the | 11 local(8) delivery to external programs is done on behalf of the |
12 receiving user. But when delivering to a program without using a | 12 receiving user. But when delivering to a program without using a |
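Review bot: the header `README.postfix Dec 16th 2009` on line 1 is left unchanged although this commit adds a whole paragraph of security guidance; bump the date to match the commit (15 Nov 2010) or drop it, so a reader does not take the 'default_privs' and 'nobody' discussion for text written in 2009.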
17 local(8) daemon will use the owner of the :include: file from the | 17 local(8) daemon will use the owner of the :include: file from the |
18 aliases file. But this is a problem too. By default :include: | 18 aliases file. But this is a problem too. By default :include: |
19 files are disabled as a security precaution in aliases files for | 19 files are disabled as a security precaution in aliases files for |
20 delivering to external programs. | 20 delivering to external programs. |
21 | 21 |
22 This leaves us with a conundrum on how to execute the mlmmj | 22 So Postfix then falls back to executing with the user specified by |
23 executables as an 'mlmmj' user without using alias files. One | 23 the configuration option 'default_privs'. The default setting for |
24 answer is to use a postfix transport. | 24 this option is the user 'nobody'. You can make Mlmmj work by having |
25 your lists owned by 'nobody', but this is not recommended. Other | |
26 programs and daemons may use 'nobody' as a user who should not have | |
27 access to anything; most notably, some NFS implementations use this | |
28 user when somebody connects but fails to authenticate. Such users | |
29 should not be able to access your mailing lists. Changing | |
30 'default_privs' to an 'mlmmj' user may open other security holes, | |
31 and may not be appropriate if Postfix is used for other external | |
32 programs besides Mlmmj. | |
33 | |
34 This leaves us with a conundrum on how to execute the Mlmmj | |
35 executables as an 'mlmmj' user. One answer is to use a Postfix | |
36 transport. | |
25 | 37 |
26 First we'll get the 'mlmmj' user setup and then move onto the | 38 First we'll get the 'mlmmj' user setup and then move onto the |
27 postfix configuration: | 39 Postfix configuration: |
28 | 40 |
29 MLMMJ SETUP | 41 MLMMJ SETUP |
30 | 42 |
31 Create a 'mlmmj' user that will own all the lists. Use whatever | 43 Create a 'mlmmj' user that will own all the lists. Use whatever |
32 user creation app/script is provided by your system. Generally | 44 user creation app/script is provided by your system. Generally |
33 'useradd'. | 45 'useradd'. |
34 | 46 |
35 Create the spool directory that is owned by the 'mlmmj' user. | 47 Create the spool directory that is owned by the 'mlmmj' user. |
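Review bot: the new text on lines 30-32 says that changing `default_privs` to an 'mlmmj' user "may open other security holes" but never says what the hole is, and that is exactly the fact that justifies the transport approach that follows. State it: `default_privs` is the identity used for every command or file delivery made via a root-owned aliases(5) entry, so with `default_privs = mlmmj` any other alias-driven program on the host runs as the list owner and can read or rewrite anything under /var/spool/mlmmj. A concrete wording for line 30: "Changing 'default_privs' to an 'mlmmj' user would make every other alias-invoked command run as the list owner, and is therefore not appropriate if Postfix delivers to other external programs besides Mlmmj." The NFS sentence on lines 27-29 is also loosely phrased: the familiar case is root_squash (or all_squash) mapping the remote root user (or all remote users) to the anonymous uid, which is usually 'nobody', not a failed authentication; saying so makes the argument against owning lists as 'nobody' stronger.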
41 | 53 |
42 Create a mailing list using mlmmj-make-ml. Make sure to use the | 54 Create a mailing list using mlmmj-make-ml. Make sure to use the |
43 -s flag to set the spool directory if it isn't /var/spool/mlmmj | 55 -s flag to set the spool directory if it isn't /var/spool/mlmmj |
44 | 56 |
45 POSTFIX SETUP | 57 POSTFIX SETUP |
46 | 58 |
47 First thing is to make sure that the postfix server accepts mail for | 59 First thing is to make sure that the postfix server accepts mail for |
48 the mailing lists. For a server that handles mail for multiple | 60 the mailing lists. For a server that handles mail for multiple |
49 domains, this is done with a 'virtual_alias_map'. This is how I'll | 61 domains, this is done with a 'virtual_alias_map'. This is how I'll |
50 demonstrate. | 62 demonstrate. |
51 | 63 |
52 Add a virtual_alias_map file to main.cf configuration. We'll use a | 64 Add a virtual_alias_map file to main.cf configuration. We'll use a |
53 regular expression map since we need to be able to match all the | 65 regular expression map since we need to be able to match all the |
54 various mjmml delimiter addresses (list-subscribe, list-unsubscribe, | 66 various Mlmmj delimiter addresses (list-subscribe, list-unsubscribe, |
55 etc) | 67 confsub-0123456789abcdef, etc.). |
56 | 68 |
57 main.cf: | 69 main.cf: |
58 virtual_alias_maps = hash:/etc/postfix/virtual, | 70 virtual_alias_maps = hash:/etc/postfix/virtual, |
59 regexp:/var/spool/mlmmj/virtual.regexp | 71 regexp:/var/spool/mlmmj/virtual.regexp |
60 | 72 |
61 /var/spool/mlmmj/virtual.regexp: | 73 /var/spool/mlmmj/virtual.regexp: |
62 /^(mlmmj-test.*)@example\.com$/ ${1} | 74 /^(mlmmj-test.*)@example\.com$/ ${1} |
63 /^(another-list.*)@sample\.com$/ ${1} | 75 /^(another-list.*)@sample\.com$/ ${1} |
64 | 76 |
65 One line needs to be in the virtual map for each list the 'mlmmj' id | 77 One line needs to be in the virtual map for each list the 'mlmmj' id |
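Review bot: the pattern on line 74, `/^(mlmmj-test.*)@example\.com$/`, matches any local part that merely starts with `mlmmj-test` (`mlmmj-testers@example.com`, `mlmmj-test2@example.com`), and line 75 has the same problem; since the next step hands these addresses to a pipe(8) transport running as the list owner, anchor on the list name followed by either the end of the local part or a delimiter character, e.g. `/^(mlmmj-test([+-].*)?)@example\.com$/ ${1}`. Also, line 59 still reads 'postfix server' while the rest of this commit capitalises 'Postfix'.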
70 If you want to host multiple domains in a hierarchical structure, | 82 If you want to host multiple domains in a hierarchical structure, |
71 you can alternatively use: | 83 you can alternatively use: |
72 | 84 |
73 /^(list-name.*)@(domain\.com)$/ domain--${1} | 85 /^(list-name.*)@(domain\.com)$/ domain--${1} |
74 | 86 |
75 Next we make sure that postfix can invoke the mlmmj executables as | 87 Next we make sure that Postfix can invoke the mlmmj executables as |
76 the 'mlmmj' user. This is where the transport map comes in. So we | 88 the 'mlmmj' user. This is where the transport map comes in. So we |
77 add a transport map and a configuration option that instructs the | 89 add a transport map and a configuration option that instructs the |
78 transport to only deliver one file at a time. See transport(5) for | 90 transport to only deliver one file at a time. See transport(5) for |
79 more information on transports. | 91 more information on transports. |
80 | 92 |
81 main.cf: | 93 main.cf: |
82 transport_maps = regexp:/var/spool/mlmmj/transport | 94 transport_maps = regexp:/var/spool/mlmmj/transport |
83 mlmmj_destination_recipient_limit = 1 | 95 mlmmj_destination_recipient_limit = 1 |
84 | 96 |
85 /var/spool/mlmmj/transport: | 97 /var/spool/mlmmj/transport: |
86 /^(list-test).*$/ mlmmj:list-test | 98 /^(list-test).*$/ mlmmj:list-test |
87 /^(another-list).*$/ mlmmj:another-list | 99 /^(another-list).*$/ mlmmj:another-list |
88 | 100 |
89 What this transport file says, is that any message destined for an | 101 What this transport file says, is that any message destined for an |
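Review bot: the transport map on lines 98-99 does not line up with the virtual map above it: the virtual entry rewrites `mlmmj-test...@example.com` to the local part `mlmmj-test...`, but the transport matches `list-test`, so a reader who copies both files verbatim gets a list whose mail is accepted and never reaches the mlmmj transport. Use one list name in both examples. Two smaller points on the same lines: the capture group `(list-test)` is unused, the entry returns the literal `mlmmj:list-test`; and `^(list-test).*$` also catches `list-tests@...`, so write it as `/^list-test([+-].*)?@/ mlmmj:list-test` (transport_maps regexps are matched against the full user@domain address, so the `@` can be used as the anchor). Line 87 also keeps 'mlmmj executables' in lower case although line 6 was changed to 'Mlmmj executables' in this commit.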
95 For the hierarchical multi-domain solution, use this variant: | 107 For the hierarchical multi-domain solution, use this variant: |
96 | 108 |
97 /^(domain--list-name).*$/ mlmmj:domain/list-name | 109 /^(domain--list-name).*$/ mlmmj:domain/list-name |
98 | 110 |
99 Now we setup the 'mlmmj' transport. The 'mlmmj' in mlmmj:$1 above | 111 Now we setup the 'mlmmj' transport. The 'mlmmj' in mlmmj:$1 above |
100 indicates a transport listed in the postfix master.cf file. We are | 112 indicates a transport listed in the Postfix master.cf file. We are |
101 just going to create a transport called 'mlmmj' but it is nothing | 113 just going to create a transport called 'mlmmj' but it is nothing |
102 more than a pipe(8) to the mlmmj-receive program that is invoked as | 114 more than a pipe(8) to the mlmmj-receive program that is invoked as |
103 the 'mlmmj' user. | 115 the 'mlmmj' user. |
104 | 116 |
105 master.cf: | 117 master.cf: |
106 # mlmmj mailing lists | 118 # mlmmj mailing lists |
107 mlmmj unix - n n - - pipe | 119 mlmmj unix - n n - - pipe |
108 flags=DORhu user=mlmmj argv=/usr/local/bin/mlmmj-receive -F -L /var/spool/mlmmj/$nexthop/ | 120 flags=DORhu user=mlmmj argv=/usr/local/bin/mlmmj-receive -F -L /var/spool/mlmmj/$nexthop/ |
109 | 121 |
110 This takes the pipe(8) postfix delivery agent and tells it to invoke | 122 This takes the pipe(8) Postfix delivery agent and tells it to invoke |
111 '/usr/local/bin/mlmmj-receive' as the 'mlmmj' user and pipe the | 123 '/usr/local/bin/mlmmj-receive' as the 'mlmmj' user and pipe the |
112 email to it on stdin. This mode of transportation is given the name | 124 email to it on stdin. This mode of transportation is given the name |
113 'mlmmj'. | 125 'mlmmj'. |
114 | 126 |
115 The 'flags' parameter to pipe(8) is pretty critical here. In | 127 The 'flags' parameter to pipe(8) is pretty critical here. In |
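Review bot: `$nexthop` on line 120 is interpolated straight into a filesystem path (`-L /var/spool/mlmmj/$nexthop/`) and mlmmj-receive then runs as the user that owns every list. That is safe with the transport entries shown, because each returns a fixed literal next-hop, but the prose should say so: a transport entry must never echo a capture from the recipient address into the next-hop (`mlmmj:${1}` with a broad group), because the pipe(8) expansion filter is a character whitelist that permits `.` and `/`, not a path check, so a `..` component would not be stopped. Related mismatch: line 111 refers to "mlmmj:$1 above", but the transport file on lines 98-99 uses literal list names, not `$1`; either say `mlmmj:list-test` here or actually use `${1}` in the map.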
127 $nexthop will get set to the name of the mailing list (or domain | 139 $nexthop will get set to the name of the mailing list (or domain |
128 and name). Your list directories, then, should be at | 140 and name). Your list directories, then, should be at |
129 /var/spool/mlmmj/list-name as usual, or for the hierarchical | 141 /var/spool/mlmmj/list-name as usual, or for the hierarchical |
130 multi-domain version, in /var/spool/mlmmj/domain/list-name. | 142 multi-domain version, in /var/spool/mlmmj/domain/list-name. |
131 | 143 |
132 Restart postfix and enjoy your new lists. | 144 Restart Postfix and enjoy your new lists. |
133 | 145 |
134 | 146 |
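Review bot: line 144 tells the reader to restart Postfix; `postfix reload` is sufficient to pick up the main.cf and master.cf changes made above and does not interrupt in-flight deliveries, so suggest "Reload Postfix (postfix reload) and enjoy your new lists." The two trailing blank lines at the end of the file can also go.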