Red Hat Bugzilla – Bug 41811
No local mail delivery possible
Last modified: 2008-05-01 11:38:00 EDT
Postfix isn't able to deliver any local mail, because it calls the local
delivery agent (procmail) as the user receiving the mail (and for root it
even uses another user, see main.cf). This problem first appeared after
procmail's setuid and setgid bits were removed in RHL 7.1.
An (insecure?) workaround is to change procmail to setuid root / setgid
mail. FWIW: only changing setgid mail (so not setuid root) works for
delivering mail to all users except root.
Where is the problem? At least on my system, a local user can deliver mail to
himself. I'm running postfix here without any problems or setuid/setgid bits.
A prerequisite for the problem is that no mail spoolfile (/var/spool/mail/$USER)
exists for the receiving user (it can append to a spoolfile - except for root -,
but it can't create a new spoolfile).
Don't do that, then(tm).
The only ways to "fix" this would be making procmail or postfix setuid or
making /var/mail world-writable, all of which opens the door to security
The problem can be reduced though: adduser should create an empty mail spool
for the user. Assigning to shadow-utils so I'll remember to do this.
Done in shadow-utils-20000902-1.
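The condition described in the comments above (recipients with no spool file yet, and a spool directory they cannot create one in) can be audited with a short script. This is an added example, not part of the bug report or of shadow-utils; the function names are hypothetical, and the passwd-format file and the spool directory are passed in as arguments.

```shell
#!/bin/sh
# Added example: audit a mail spool directory for accounts without a spool file.
# Usage (assumed): audit.sh <passwd-format file> <spool dir>
# The first argument can be /etc/passwd or saved output of `getent passwd`,
# which also covers accounts that were not created with useradd.

# Print every login name in the passwd-format file that has no spool file.
missing_spools() {
    passwd_file=$1
    spool_dir=$2
    while IFS=: read -r name rest; do
        # Skip blank lines, comments and NIS compat entries (+/-).
        case $name in ''|\#*|+*|-*) continue ;; esac
        [ -e "$spool_dir/$name" ] || printf '%s\n' "$name"
    done < "$passwd_file"
}

# Return 0 if "other" has write permission on the spool directory,
# 1 if not, 2 if the directory cannot be inspected.
spool_world_writable() {
    mode=$(ls -ld "$1" 2>/dev/null) || return 2
    case $mode in
        ????????w*) return 0 ;;   # 9th character of the mode string is other-write
        *) return 1 ;;
    esac
}

# Run the audit only when both arguments are given.
if [ "$#" -eq 2 ]; then
    spool_world_writable "$2" && echo "spool directory is world-writable: $2"
    missing_spools "$1" "$2" | sed 's/^/no spool file: /'
fi
```

Accounts listed as having no spool file are the ones for which an unprivileged delivery agent would have to create the file itself.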
And what about users not created with useradd, like NIS users or users
Furthermore, this would mean an environment with many thousands of users would
*always* have many thousands of /var/spool/mail directory entries, not a very