Wietse: > Curtis: > > > This is safe only when the maildrop queue is "stopped", that is, > > > > > > 1) No submissions with the Postfix sendmail command while these > > > files are in the maildrop directory, otherwise mail will be > > > lost.
I'm still trying to understand why mail would be lost. Since it would be impossible for the Postfix sendmail command to overwrite one of these files due to a filename conflict (we write the files using filenames that would never be used by Postfix), are you saying that the risk of mail loss comes because Postfix might use the same inode as one of these existing files? Doesn't postfix use some type of system call to retrieve an inode number that is not already in use? > > > > > > 2) No pickup daemon and no postsuper command, otherwise pickup will > > > read incomplete files and throw them away, or it will make > > > duplicate deliveries as files get renamed. So the assertion that has been made here in the past (not by you) about creating the file using mode 0600 to prevent pickup from seeing incomplete files is false? Thanks, Curtis
