From: russell@coker.com.au (Russell Coker)
Date: Mon, 23 Feb 2009 11:21:35 +1100
Subject: [refpolicy] procmail etc
Message-ID: <200902231121.38116.russell@coker.com.au>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

I believe that in retrospect it was a mistake to use the domain procmail_t for 
procmail.

There are several other programs providing essentially the same functionality, 
I am now using Courier "maildrop" on one important server and will soon 
evaluate "deliver" from Dovecot.

It seems to me that there is no benefit in trying to isolate the different 
LDAs from each other.  The only situation in which it seems possible to have 
more than one LDA in use is from a .forward file (under local user control) 
which therefore has Unix permissions to isolate the different instances.  It 
would be good to have extensions to some popular MTAs to use a user specific 
context for the LDA, which could be something like user_lda_t, staff_lda_t, 
etc.

While it would be quite possible to extend the courier and dovecot policies to 
support maildrop and deliver, I think that would be the wrong approach.

I believe that the right thing to do is to start by renaming procmail to lda 
and then adding support for maildrop and deliver, and I'll write the policy 
and send a patch after giving people time to comment.

-- 
russell at coker.com.au
http://etbe.coker.com.au/          My Main Blog
http://doc.coker.com.au/           My Documents Blog