
Pop mail virtual user security [LONG]



Hi all,

Inspired by a recent thread on this list I decided to set up a
mailserver with pop3 access over ssl. It's working now, but I'd
appreciate some comments on its security. My setup is as follows:

- I'm using stunnel+popa3d for pop3-ssl

  (/usr/sbin/stunnel -d pop3s -p /etc/ssl/certs/pop3s.pem -l \
  /usr/sbin/popa3d) 

  with Exim as my MTA.

- I've recompiled popa3d to support virtual users. It uses one
  authentication file per user to control

  1) the system user that popa3d will use to fetch mail for the user
  2) the password for the user (like in /etc/shadow)

  I've set it up to run as the user for real users and as 'mail' for
  virtual users. It fetches mail from the mailboxes configured in exim
  (see below).

- I've changed the local_delivery transport in /etc/exim/exim.conf to
  deliver to /home/virtual/popa3d/127.0.0.1/mail/${local_part} for real
  users

  and I've added a new transport called local_virtual_delivery for
  virtual users:

  local_virtual_delivery:
    driver = appendfile
    user = mail
    check_owner = false
    group = mail
    mode = 0660
    mode_fail_narrower = false
    envelope_to_add = true
    return_path_add = true
    file = /home/virtual/popa3d/127.0.0.1/mail/${local_part}

  This new transport is used by the director virtualuser that I've also
  added as the last director in the file:

  virtualuser:
    driver = aliasfile
    transport = local_virtual_delivery
    file = /etc/virtualusers
    search_type = lsearch

  /etc/virtualusers just contains the names of the virtual users I want
  to allow.

- The current permissions for the mailboxes
  /home/virtual/popa3d/127.0.0.1/mail/${local_part} are like:

  -rw-rw----    1 mail     mail            0 Dec  7 17:33 test
  -rw-rw----    1 tve      mail            0 Dec  7 17:30 tve

  where tve is a normal system user and test is a virtual user. These
  are just examples of course.

What I'd like to know is:

1) What do you think of the permissions for the mail files?

2) How are the password hashes in /etc/shadow generated from the
   salt+password? I can't use 'passwd' to update popa3d's auth files, so
   I need to generate them some other way.

3) Any other comments?

Thanks,

Tim

-- 
Tim van Erven <tripudium@chello.nl>
OpenPGP Key ID: 712CB811        Fingerprint: F6C9 61EE 242C C012 36D5
                                             BBF8 6310 D557 712C B811
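On question 1, the following is an added example (not code from the post, popa3d or Exim) that audits mailbox permissions against the layout Tim describes: real users' mailboxes owned by the user with group mail, virtual users' mailboxes owned by mail:mail, mode 0660, nothing world-accessible and no execute or setuid/setgid bits. It parses ls -l lines like the two in the post, plus one constructed bad entry; the VIRTUAL_USERS set and the sample listing are assumptions standing in for /etc/virtualusers and a real directory.

```python
"""Audit mailbox permissions for the popa3d/Exim virtual-user layout.

Added example: real users' mailboxes are expected as <user>:mail, virtual
users' mailboxes as mail:mail, everything mode 0660 with no world bits.
The virtual-user set and the sample listing are constructed assumptions.
"""
import re
import stat

# Stand-in for /etc/virtualusers (assumption: 'test' is the only virtual user).
VIRTUAL_USERS = {"test"}
MAIL_USER = "mail"
MAIL_GROUP = "mail"

# Two lines from the post plus one constructed bad entry ('bob' is a real
# user, yet the file is owned by mail and is world-readable).
SAMPLE_LISTING = """\
-rw-rw----    1 mail     mail            0 Dec  7 17:33 test
-rw-rw----    1 tve      mail            0 Dec  7 17:30 tve
-rw-rw-r--    1 mail     mail            0 Dec  7 17:35 bob
"""

LS_LINE = re.compile(
    r"^(?P<type>[-dl])(?P<perm>[rwxsStT-]{9})\s+\d+\s+(?P<owner>\S+)\s+"
    r"(?P<group>\S+)\s+\d+\s+\S+\s+\d+\s+\S+\s+(?P<name>.+)$"
)


def parse_mode(perm):
    """Turn an ls(1) permission string such as 'rw-rw----' into st_mode bits."""
    flags = [stat.S_IRUSR, stat.S_IWUSR, stat.S_IXUSR,
             stat.S_IRGRP, stat.S_IWGRP, stat.S_IXGRP,
             stat.S_IROTH, stat.S_IWOTH, stat.S_IXOTH]
    bits = 0
    for ch, flag in zip(perm, flags):
        if ch in "rwxst":          # lowercase s/t imply the x bit as well
            bits |= flag
    if perm[2] in "sS":
        bits |= stat.S_ISUID
    if perm[5] in "sS":
        bits |= stat.S_ISGID
    if perm[8] in "tT":
        bits |= stat.S_ISVTX
    return bits


def parse_ls_line(line):
    """Return (name, mode_bits, owner, group) for one ls -l line."""
    m = LS_LINE.match(line.strip())
    if not m:
        raise ValueError("not an ls -l line: %r" % line)
    return (m.group("name"), parse_mode(m.group("perm")),
            m.group("owner"), m.group("group"))


def audit_mailbox(name, mode, owner, group):
    """Return a list of findings; empty when the file matches the expected layout."""
    findings = []
    expected_owner = MAIL_USER if name in VIRTUAL_USERS else name
    if owner != expected_owner:
        findings.append("owner is %s, expected %s" % (owner, expected_owner))
    if group != MAIL_GROUP:
        findings.append("group is %s, expected %s" % (group, MAIL_GROUP))
    if mode & stat.S_IRWXO:
        findings.append("world-accessible (mode %o)" % stat.S_IMODE(mode))
    if mode & (stat.S_IXUSR | stat.S_IXGRP):
        findings.append("execute bit set on a mailbox")
    if mode & (stat.S_ISUID | stat.S_ISGID | stat.S_ISVTX):
        findings.append("setuid/setgid/sticky bit set")
    return findings


def audit_listing(listing):
    """Audit every line of ls -l output; returns {name: [findings]} for problem files."""
    problems = {}
    for line in listing.splitlines():
        if not line.strip():
            continue
        name, mode, owner, group = parse_ls_line(line)
        findings = audit_mailbox(name, mode, owner, group)
        if findings:
            problems[name] = findings
    return problems


if __name__ == "__main__":
    for name, findings in audit_listing(SAMPLE_LISTING).items():
        print("%s: %s" % (name, "; ".join(findings)))
```

The check treats group write as acceptable because the post's layout relies on group mail; what it refuses is anything readable or writable by "other", since the directory holds every local user's mail. Run it against real output of `ls -l /home/virtual/popa3d/127.0.0.1/mail` after editing VIRTUAL_USERS to match /etc/virtualusers.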


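On question 2, here is an added example (not from the post or from popa3d) that produces the MD5-based crypt(3) hash format, the "$1$salt$hash" strings found in /etc/shadow on systems configured for MD5 passwords, using only hashlib. The traditional 13-character DES format and the later SHA-based formats are different algorithms, and which one a given system uses depends on its crypt(3) configuration, so the block also cross-checks itself against the platform crypt module when Python still ships it. Passwords and salts shown are constructed samples.

```python
"""crypt(3)-compatible MD5 password hashes ('$1$' format) in pure Python.

Added example for generating popa3d auth-file entries without passwd(1).
The algorithm follows the public md5crypt design (an MD5 of password, magic
and salt, then 1000 fixed-pattern rounds, then a custom base64). Sample
passwords and salts are constructed.
"""
import hashlib
import hmac
import secrets

ITOA64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
MAGIC = "$1$"


def _to64(value, count):
    """Encode 'count' 6-bit groups of value, least significant group first."""
    out = []
    for _ in range(count):
        out.append(ITOA64[value & 0x3F])
        value >>= 6
    return "".join(out)


def md5_crypt(password, salt):
    """Return '$1$<salt>$<hash>'. Salt: up to 8 chars from ITOA64; a full
    stored hash may be passed as the salt, as crypt(3) allows."""
    pw = password.encode("utf-8")
    if salt.startswith(MAGIC):
        salt = salt[len(MAGIC):]
    salt = salt.split("$", 1)[0][:8]
    sb = salt.encode("ascii")

    # Outer hash: password, magic string, raw salt ...
    ctx = hashlib.md5(pw + MAGIC.encode("ascii") + sb)
    # ... then len(pw) bytes drawn from MD5(pw + salt + pw), repeating as needed
    alt = hashlib.md5(pw + sb + pw).digest()
    pl = len(pw)
    while pl > 0:
        ctx.update(alt[:min(16, pl)])
        pl -= 16
    # For each bit of len(pw), low bit first: a NUL byte if the bit is set,
    # otherwise the first byte of the password.
    i = len(pw)
    while i:
        ctx.update(b"\0" if i & 1 else pw[:1])
        i >>= 1
    final = ctx.digest()

    # 1000 stretching rounds in the fixed pattern the format prescribes.
    for i in range(1000):
        c = hashlib.md5()
        c.update(pw if i & 1 else final)
        if i % 3:
            c.update(sb)
        if i % 7:
            c.update(pw)
        c.update(final if i & 1 else pw)
        final = c.digest()

    # Custom base64 over the digest in crypt(3)'s interleaved byte order.
    f = final
    encoded = (
        _to64((f[0] << 16) | (f[6] << 8) | f[12], 4)
        + _to64((f[1] << 16) | (f[7] << 8) | f[13], 4)
        + _to64((f[2] << 16) | (f[8] << 8) | f[14], 4)
        + _to64((f[3] << 16) | (f[9] << 8) | f[15], 4)
        + _to64((f[4] << 16) | (f[10] << 8) | f[5], 4)
        + _to64(f[11], 2)
    )
    return MAGIC + salt + "$" + encoded


def new_salt(length=8):
    """Fresh random salt from the crypt alphabet (use 8, the format's maximum)."""
    return "".join(secrets.choice(ITOA64) for _ in range(length))


def verify(password, stored):
    """Check a password against a stored '$1$' hash with a constant-time compare."""
    candidate = md5_crypt(password, stored)
    return hmac.compare_digest(candidate.encode("ascii"), stored.encode("ascii"))


def matches_system_crypt(password, salt):
    """Cross-check against the platform crypt(3) via Python's crypt module.
    Returns None when the module (removed in Python 3.13) or the '$1$'
    method is unavailable, otherwise True/False."""
    try:
        import crypt  # deprecated since Python 3.11
    except ImportError:
        return None
    result = crypt.crypt(password, MAGIC + salt)
    if not result or not result.startswith(MAGIC):
        return None
    return result == md5_crypt(password, salt)


if __name__ == "__main__":
    sample = md5_crypt("correct horse", new_salt())   # constructed password
    print(sample)
    print("verify:", verify("correct horse", sample), verify("wrong", sample))
```

To fill popa3d's per-user auth file, call md5_crypt with a fresh new_salt() each time and store the whole returned string; a later login check just calls verify() with the stored value, exactly as crypt(password, stored) == stored would on the system side.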
