> On Mar 25, 2017, at 9:38 PM, Doug Barton <domain_name_t...@yahoo.com> wrote:
>
>>> Setting up a new pipe in master.cf I wanted to do 'user=${user}' but that
>>> macro isn't available there, only in argv. I found a workaround, but I was
>>> curious about why?
>>
>> For good security reasons.
>
> Can you elaborate?
Unlike .forward or files which exist for selected users, injecting
envelope data (e.g. user=${user}) into the pipe(8) execution context
could allow remote senders to execute code as any user on the system
or modify which command is run, ... Postfix attempts to be safe even
in the hands of non-expert users.
The local(8) delivery agent is designed to deliver email to system
users and is able to run commands as the user account receiving the
mail. The features you're looking for are described under the heading
"DELIVERY METHOD CONTROLS" in:
http://www.postfix.org/local.8.html
Namely:
http://www.postfix.org/postconf.5.html#forward_path
http://www.postfix.org/postconf.5.html#mailbox_command
http://www.postfix.org/postconf.5.html#mailbox_command_maps
--
--
Viktor.
