Bug#383469: exim4: exim fails to deliver mails to users whose $HOME's it cannot access

Juha Jäykkä juhaj at iki.fi
Sat Aug 19 16:50:22 UTC 2006


> (http://www.exim.org/mail-archives/exim-users/Week-of-Mon-20060814/msg00119.html)

Reading this thread, I think some posters didn't quite get my original
point. Perhaps I didn't explain carefully enough.

The situation where this whole thing arose was one in which the users'
home directories are on a networked file system, specifically, on
OpenAFS. OpenAFS (like some others, too) does not provide access based
on process (e)uid/(e)gid, but on a valid Kerberos ticket instead. Not
even the root of the mailserver can access the users' home directories
(unless the user is currently logged on and has a valid ticket which the
root steals). Thus it is *not* a question of giving users
inaccessible home directories.

There are ways of giving exim a valid AFS token, but typically these
are not recommended (they require storing passwords or
password-equivalent pieces of data on the hard disc) and also make it
necessary to modify /etc/init.d/exim, which is not very easy to maintain.
It was for these reasons that the users' maildirs were moved from their
homes to /var/mail when the new mailserver was taken into use.

We're perfectly aware that this will break .forwards etc., but there
should be no .forwards on an internal mail server anyway.

-Juha

-- 
		 -----------------------------------------------
		| Juha Jäykkä, juolja at utu.fi			|
		| home: http://www.utu.fi/~juolja/		|
		 -----------------------------------------------




