How to Configure Qmail on Fedora Core 1 Server

Fritz Whittington f.whittington at att.net
Tue Jul 27 16:12:29 UTC 2004 

On or about 2004-07-27 10:06, Alexander Dalloz whipped out a trusty #2 
pencil and scribbled:

>Am Di, den 27.07.2004 schrieb Fritz Whittington um 16:51:
>
>  
>
>>At least one point, which is major to me :-)  Buried in the sample 
>>configuration file for dovecot is a comment that the refusal to serve 
>>mail for root is compiled into the binary, no matter that it seems to 
>>allow for it in the configuration.  I have a small private network of 5 
>>machines in my office, and I wish to read *all* my email from several 
>>accounts in one Mozilla profile running on a Windows 2000 machine 
>>(mostly because it's by far the fastest of my lot).  Even if there 
>>*were* any possible security issues here (which I am convinced there are 
>>not), I don't like this decision taken out of my hands.  (I suppose I 
>>could hack the dovecot sources and re-build it.)  But it's simpler to 
>>use qmail, which has a configuration option for this.  (I am willing to  
>>*briefly* debate the security (non-)issues of this, if anyone cannot see 
>>for themselves;  but I refuse to debate any "political" issues about 
>>FOSS, Dan B., or etc/usw.)
>>    
>>
>
>Right, a debate about DJB's habit would lead to nothing ;)
>
>But I can't understand your argument against dovecot. It is a good and
>custom practice to alias the root account to a normal unprivileged user
>account. This is done in the aliases file which is respected by the MTA.
>The IMAP/POP3 daemon has nothing to do with it.
>
>Alexander
>  
>
While it may be a "good and custom practice" under some situations, it 
seems like a work-around that I don't need.  I understand that the alias 
just moves root's mail to another user's mbox, so that it can be read by 
that user.  In the days of DEC VT-10x and -2xx "smart" terminals, there 
could well be good security reasons for root not to read his mail while 
logged in as himself.  In my situation, reading root's mail via pop3s 
over a *totally* secure LAN (I can see every cable with my naked eyes 
while sitting at the desk) and on a Windows machine, no less, seems even 
more secure than is required.  It's easier and simpler to keep root's 
inbox and mail segregated from my "regular" Linux user's inbox, as well 
as from my other email accounts.  Having options in the config file to 
define the available users, with the default starting at user 500 is a 
good protection for naive installers, but having root excluded by 
compilation from being configured by a non-naive installer just rubs me 
the wrong way.

Secondly, if there are instructions for setting up postfix, sendmail, 
and dovecot that are as easy to use as the ones for qmail at 
qmailrocks.org, I have yet to find them.  While I enjoy using Linux, I 
don't wanna make a career out of it. I'm retired from a long career of 
computer systems engineering;  I'm tired of working *on* systems, would 
like to work *with* the systems for a change :-)

-- 
Fritz Whittington
Fear not those who argue but those who dodge. (Marie Ebner von Eschenbach, Aphorisms, 1905)

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3252 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20040727/4a5b5486/attachment-0001.bin>

More information about the fedora-list mailing list