On Tue, 29 Jul 2003, J. Kent Busbee, Jr. wrote:
> I am setting up an email server. What is the best security settings for
> setting up users who will be getting their email via pop. I guess that
> I will have to use adduser to add the users to the system. (Or is there
> some method for adding email users to the system -with a mailbox-
> without adding them as system users?) But, can they be set with NO
> shell and No home directory? Is that a good idea for security?
Yes, you could just set their shell to /bin/false or /dev/null or
something. Might have to add it to /etc/shells if they want ftp access (i
don't think pop cares).
Don't need a home dir for pop, you could just leave inboxes in
/var/spool/mail. But later on you may want to setup imap to give webmail
access (and need multiple folders) or perhaps implement quota's or
something. In that case, you may want to setup the LDA (local delivery
agent) to deliver mail to /home/$user/mail/INBOX or something like that.
Recent Redhat uses procmail as the LDA, and this is easy to setup with
procmail (man procmailrc).
ray
___________________
Nolug mailing list
nolug@nolug.org
Received on 07/29/03
This archive was generated by hypermail 2.2.0 : 12/19/08 EST