On 31/03/2024 13:55 EEST da-dovecotlist-15--- via dovecot
     <dovecot@dovecot.org> wrote:
      
      
     I was surprised to find that the LMTP socket has permission mode 0666
     by default and since configs are merged with defaults, there is no way
     to disable this AFAICS.
      
     # doveconf -d
     ...
     service lmtp {
       unix_listener lmtp {
         group =
         mode = 0666
         user =
       }
       ...
     }
      
     Is this also how it is supposed to be used in production? I understand
     that LMTP is just for delivering new mails but is there really no need
     to restrict this further? To me it seems reasonable to force all
     services on this machine to go through Postfix and not be able to just
     put e-mails in the users' mailboxes via LMTP. Am I missing something?
      
     My use case is a "small" NixOS mail server with Postfix, Nextcloud a.o.
     installed on the same machine. No chroot jails because of NixOS.
      
 
Of course there is a way to change that.
 
service lmtp {
  unix_listener lmtp {
     mode=0600
  }
}
 
Aki
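
Added example, not part of the original messages and not Dovecot's own tooling: a shell/awk check that reads doveconf-style output on stdin and reports every unix_listener whose mode lets "other" users write to (and so connect to) the socket. The function names, the sample config and the second listener's path, user and group are constructed for illustration.

```shell
#!/bin/sh
# Report unix_listener sockets that any local user can connect to.
# Input: doveconf-style text on stdin. Output: "service/listener mode" per finding.
audit_listeners() {
  awk '
    /^[ \t]*#/ { next }                      # skip comment lines
    { gsub(/=/, " = ") }                     # accept "mode=0600" as well as "mode = 0600"
    $NF == "{" {                             # a block opens: remember its kind and name
      depth++; kind[depth] = $1; name[depth] = (NF > 2 ? $2 : ""); next
    }
    $1 == "}" { if (depth > 0) depth--; next }
    $1 == "mode" && $2 == "=" && kind[depth] == "unix_listener" {
      other = substr($3, length($3), 1) + 0  # last octal digit: bits for "other"
      if (int(other / 2) % 2 == 1) {         # write bit set, so anyone may connect
        svc = (depth > 1 && kind[depth-1] == "service") ? name[depth-1] : "?"
        print svc "/" name[depth], $3
      }
    }
  '
}

# Constructed sample: the default quoted in the thread plus one restricted listener.
sample_config() {
  cat <<EOF
service lmtp {
  unix_listener lmtp {
    group =
    mode = 0666
    user =
  }
  unix_listener /var/spool/postfix/private/dovecot-lmtp {
    group = postfix
    mode=0600
    user = postfix
  }
}
EOF
}

sample_config | audit_listeners
```

Pipe real doveconf output into audit_listeners to check a running configuration. With mode 0600 only the socket's owner can connect, so the listener's user has to be the account the delivering MTA connects as.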