I've been using the default_privs setting to control which user Postfix
uses to deliver mail to external commands. However, I note from the
manual that this setting is only used "from an aliases file that is
owned by root, or when delivery is done on behalf of root".

I've come across instances when mail is still delivered to a command
using the user "nobody" (such as when a mail is generated from the local
server rather than delivered from an external source). Is there any way
to change the user that is used to deliver *all* mail to external
commands? If not, what is the recommended way of delivering to an
external command and ensuring that the external command is always
executed using the correct privileges?

At the moment, the only way I can see to achieve this is to set the
external command as executable by "nobody" and external files as
writable by "nobody", but it doesn't seem right to do this in case other
processes are utilising "nobody".

Thoughts please?

postconf -n as follows:

alias_database = hash:/etc/postfix/aliases
alias_maps = hash:/etc/postfix/aliases, regexp:/etc/postfix/aliases-regexp
allow_min_user = yes
command_time_limit = 5000
config_directory = /etc/postfix
default_privs = simple
header_checks = regexp:/etc/postfix/header_checks
home_mailbox = Maildir/
html_directory = /usr/share/doc/postfix-2.3.3/html
inet_interfaces = root.simplelists.com, localhost
mailq_path = /usr/bin/mailq
manpage_directory = /usr/share/man
message_size_limit = 20480000
milter_connect_macros = i b j _ {daemon_name} {if_name} {if_addr}
milter_default_action = accept
milter_mail_macros = {auth_author} {auth_type} {auth_authen}
multi_instance_directories = /etc/postfix-trusted /etc/postfix-untrusted
    /etc/postfix-reqconf
multi_instance_enable = yes
multi_instance_wrapper = ${command_directory}/postmulti -p --
mydestination = $myhostname, localhost.$mydomain, localhost, mx1.$mydomain,
    ns1.$mydomain, www.$mydomain, root.$mydomain, neptune.$mydomain,
    earth.$mydomain, pluto.$mydomain, saturn.$mydomain
myhostname = earth.simplelists.com
mynetworks = 89.16.184.168/29,89.16.176.81,217.160.183.50/32,127.0.0.1/32
newaliases_path = /usr/bin/newaliases
non_smtpd_milters = unix:/var/run/opendkim/opendkim.sock
parent_domain_matches_subdomains = 
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.3.3/README
sample_directory = /etc/postfix
sendmail_path = /usr/sbin/sendmail
smtpd_authorized_verp_clients = $mynetworks
smtpd_client_restrictions = reject_rbl_client zen.spamhaus.org
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks, check_recipient_access
    hash:/etc/postfix/access, reject_invalid_helo_hostname,
    reject_non_fqdn_helo_hostname
smtpd_milters = unix:/var/run/clamav/milter.ctl
    unix:/var/spool/postfix/spamass/spamass.sock
smtpd_recipient_restrictions = check_recipient_access hash:/etc/postfix/access,
    reject_unknown_sender_domain, permit_mynetworks,
    reject_unauth_destination,reject_unauth_pipelining
smtpd_restriction_classes = restrict_smtp_ip
smtpd_sasl_local_domain = $myhostname
transport_maps = hash:/etc/postfix/transport
unknown_local_recipient_reject_code = 550
virtual_alias_domains = proxy:mysql:/etc/postfix/mysql-virtual-domains.cf,
    /etc/postfix/virtual-domains
virtual_alias_maps = hash:/etc/postfix/virtual,
    regexp:/etc/postfix/virtual-regexp,
    proxy:mysql:/etc/postfix/mysql-other-aliases.cf,
    proxy:mysql:/etc/postfix/mysql-multiple-domain-aliases.cf,
    proxy:mysql:/etc/postfix/mysql-global-aliases.cf,
    proxy:mysql:/etc/postfix/mysql-bounce-aliases.cf,
    proxy:mysql:/etc/postfix/mysql-majordomo-aliases.cf,
    proxy:mysql:/etc/postfix/mysql-account-aliases.cf

