Hi, sorry for the empty mail. I don't know what Mozilla is messing up here.
Ken Murchison wrote: > > In order to deliver mail directly to a folder, the folder must have > the 'p' (post) ACL set for user 'anonymous' or 'anyone'. Isn't this some kind of a security hole? I mean, anyone who wants to filter his or her mails with procmail has to be able to run deliver. But then, anyone could post mails to the (sub)folders of other users. Some explanations: I fetched my mails with fetchmail and let fetchmail deliver them to postfix via smtp. This caused heavily swapping on my machine, don't ask me why. So I let fetchmail feed the mails directly into cyrus imap which worked simply perfect. Then I set up sieve to sort my mails. After recognizing sieve to be too restricted for my purposes I thought about procmail, and finding in the man page of fetchmail that fetchmail in fact can deliver to procmail directly, this seems to be a quite good solution. First I thought of letting procmail include a header line which then can be used by sieve to file the mails into the appropriate (sub)folders. But this would lead to having to keep an eye on two filter setup files, so I was happy to see that with the cyrus deliver program procmail apparently is able to deliver directly into folders and subfolders. But now ... see above about my concerns of this being some kind of a security hole, when "forced" to give 'anyone' the permissions to post to my (sub)folders. After having googled for hours I still haven't found a simple solution to my "problem", except as mentioned above, chaining procmail and sieve that is. I hardly can't believe that there isn't a simple solution to allow procmail to deliver to (sub)folders when being run under the UID of the "mailbox owner", I mean I already have an entry in /etc/sasldb for this user, otherwise installsieve and sieveshell won't work. Ok, I still have to enter the password when running installsieve or sieveshell, and this seems to be somehow inappropriate for procmail. But on the other hand, I can set up ssh to not ask for passwords and still being secure. Any further help appreciated. Bye f.d.g.
