Re: Postfix Security Documentation
On Wednesday 20 August 2003 06:26 am, Tomasz Papszun wrote:
> Sure, I know it.
> # service type  private unpriv  chroot  wakeup  maxproc command + args
> #               (yes)   (yes)   (yes)   (never) (50)
> local     unix  -       n       n       -       -       local
> virtual   unix  -       n       n       -       -       virtual
> lmtp      unix  -       -       n       -       -       lmtp
> But I think that (almost?) all process that _can_ be chrooted, _are_
> How could the 'local' process deliver mail to user mailboxes if it would
> be chrooted??
> If I'm wrong and it's possible somehow, someone may correct me of
It is possible, but with some extra work. You need to have the delivery
destination in the chroot jail with it. For example, if you have it chroot to
/var/spool/postfix then you want to make /var/spool/postfix/var/spool/mail/
as that will be where mail is delivered to by default. Using "mount -o bind
/var/spool/mail /var/spool/postfix/var/spool/mail" you can have the same
stuff in both locations (or reverse it if you are really paranoid about
> > Sven, do you want to chroot *all* processes? Postfix is supposed to be
> > secure out of the box
> I think the same :-) .
I think the added steps of chrooting the last three processes is unnecessary,
except for overly paranoid experts. I say experts, because in changing the
default behavior of postfix, it is possible to open up more security problems
than you are preventing, and at the same time make it harder for you to
detect such problems.
> > (except for programming errors, as we recently saw :-( ).
> Even those, they were just vulnerable to DoS and "bounce scans", not
These sort of things will always be around, in every mail system. It's due to
the fact SMTP is such a horrid protocol. But we are stuck with it, so we do
the best we can with tradeoffs.
> > So improving Postfix security should be done inside of
> > Postfix. You may want to use the Postfix mailing list (warning: lots
> > of traffic!) and ask there.
There are also several IRC channels for postfix scattered about; they are not
real talkative, but it's certainly less traffic than the postfix list.
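The bind-mount arrangement for a chrooted local(8) described earlier in this reply, as an added example (shell script written for this page, not code from the thread's authors or from Postfix): it reads the chroot column of the master.cf entry for local and checks whether the mailbox spool is actually visible inside the queue directory. It assumes the default paths /var/spool/postfix (queue_directory, the chroot root) and /var/spool/mail, and the mounts tables it reads are constructed samples.

```shell
#!/bin/sh
# Added example, not code from the thread: sanity-check the bind-mount setup
# before chrooting Postfix's local(8) delivery agent.
# Assumed paths: queue_directory=/var/spool/postfix (the chroot root) and
# /var/spool/mail as the mailbox spool; adjust for your main.cf.

# Chroot column (5th field) of one master.cf entry; comment lines yield nothing.
master_chroot_flag() {   # $1 = master.cf line, e.g. "local unix - n n - - local"
    printf '%s\n' "$1" | awk '$1 !~ /^#/ { print $5 }'
}

# Where a chrooted daemon sees an absolute host path ($1 = chroot root, $2 = path).
jail_path() {
    printf '%s%s\n' "${1%/}" "$2"
}

# Return 0 if the mounts table ($1, /proc/mounts format) has a mount at path $2.
mounted_at() {
    awk -v mp="$2" '$2 == mp { found = 1 } END { exit !found }' "$1"
}

# Decide whether mail delivered by local(8) would reach the real spool.
# $1 = master.cf line for local, $2 = queue dir, $3 = spool dir, $4 = mounts file.
# Prints a verdict; returns 0 (deliveries land in $3) or 1 (they would not).
check_local_delivery() {
    flag=$(master_chroot_flag "$1")
    if [ "$flag" != y ]; then
        echo "local(8) not chrooted (chroot=$flag): delivers to $3 directly"
        return 0
    fi
    mp=$(jail_path "$2" "$3")
    if mounted_at "$4" "$mp"; then
        echo "ok: $3 is mounted inside the jail at $mp"
        return 0
    fi
    echo "problem: $mp is not a mount point; chrooted local(8) would write into the jail, not $3"
    return 1
}

# Constructed sample mounts tables (not from a real host) for a stand-alone run.
MOUNTS_OK=$(mktemp); MOUNTS_BAD=$(mktemp)
printf '%s\n' '/dev/sda1 / ext3 rw 0 0' \
    '/dev/sda1 /var/spool/postfix/var/spool/mail ext3 rw 0 0' > "$MOUNTS_OK"
printf '%s\n' '/dev/sda1 / ext3 rw 0 0' > "$MOUNTS_BAD"

check_local_delivery 'local unix - n n - - local' /var/spool/postfix /var/spool/mail "$MOUNTS_OK"
check_local_delivery 'local unix - n y - - local' /var/spool/postfix /var/spool/mail "$MOUNTS_OK"
check_local_delivery 'local unix - n y - - local' /var/spool/postfix /var/spool/mail "$MOUNTS_BAD" || true
```

On a live host, point the last argument at /proc/mounts and paste the real local line from master.cf; the script only reads, it never mounts anything.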