> http://wiki.dovecot.org/LDA
>
> Section virtual users, with lookup has the answer.

Thanks for the quick response Aki. I presume you're referring to this:

service auth {
  unix_listener auth-userdb {
    mode = 0600
    user = vmail # User running dovecot-lda
    #group = vmail # Or alternatively mode 0660 + dovecot-lda user in this group
  }
}

So, given that, then I'm still not clear on the following:

1) User vmail is reading the userdb, not writing to the userdb. So why mode 0600?

2) What should the owner, group and mode/permissions of the actual userdb flat file be for best security?

Michael