Your message dated Thu, 10 Jul 2025 16:32:56 -0700
with message-id <28727060.gRfpFWEtPU@soren-desktop>
and subject line maildrop's security model different from procmail's,
problematic with esmtp
has caused the Debian Bug report #405584,
regarding maildrop's security model different from procmail's, problematic with
esmtp
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
405584: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=405584
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: maildrop
Version: 2.0.2-11
Severity: normal
I was using maildrop as the MDA with esmtp-run. In this configuration
it's set up to run as "/usr/bin/maildrop -d %T", and %T is the local
part of the address.
This fails when I try to send mail to root, complaining that it can't
change user, which is not a surprise, as it's only setgid mail, not
setuid root.
If I use procmail instead of maildrop I don't get this problem. If I
drop the "-d %T" in esmtp's configuration, then mail from root
(whether to root or another user) goes AWOL with no messages and no
record that I can discover, while mail from a non-root user to root
works fine.
It seems that this might be a reasonable circumstance in which to have
maildrop work setuid root, but if I setuid it it refuses to work
(which is fine given current policy, but doesn't help me to get
maildrop to work with esmtp).
In summary, I don't expect maildrop to come setuid out of the box, but
it seems that if I haven't missed anything then it would be nice if it
did work setuid. If I've overlooked something, please point it out.
-- System Information:
Debian Release: 4.0
APT prefers testing
APT policy: (500, 'testing')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-3-686
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Versions of packages maildrop depends on:
ii courier-authlib 0.58-4 Courier authentication library
ii esmtp-run [mail-transport-ag 0.5.1-4 User configurable relay-only MTA
ii libc6 2.3.6.ds1-8 GNU C Library: Shared libraries
ii libgcc1 1:4.1.1-19 GCC support library
ii libgdbm3 1.8.3-3 GNU dbm database routines (runtime
ii libpcre3 6.7-1 Perl 5 Compatible Regular Expressi
ii libstdc++6 4.1.1-19 The GNU Standard C++ Library v3
maildrop recommends no packages.
-- no debconf information
--- End Message ---
--- Begin Message ---
I am going to close this bug report as it doesn’t appear that there are any
changes that should be made in maildrop.
--
Soren Stoutner
so...@debian.org
signature.asc
Description: This is a digitally signed message part.
--- End Message ---
