[Nottingham] chrooted procmail
Mike Cardwell
lug at blubbernet.com
Fri Sep 2 22:33:29 BST 2005
Hi,

I'm building a mail system using exim4 in a slightly unusual way. There
are no system users involved for the mailboxes. They are all saved as
the same user "Debian-exim" at the moment. What I want to be able to do
is allow use of procmail for each of these users. However that poses a
security risk as all the mailboxes have the same ownership. My idea was
to chroot procmail. I am having huge difficulties doing this though.
Here's the format of some of the paths involved:

Mail goes into:
/home/system/data/mail/testdomain.com/mike/Maildir/

I wanted to chroot to:
/home/system/data/mail/testdomain.com/mike/

I copied the procmail binary and all its linked libraries into
appropriate directories within /home/system/data/mail/testdomain.com/mike/

I then created a transport with the following command part:

command = "/usr/sbin/chroot '/home/system/data/mail/testdomain.com/mike'
'/bin/procmail /etc/procmailrc'"

/bin and /etc there are within the chroot jail and procmailrc just has a
single basic rule that is definitely ok.

I don't get any useful error messages in the logs or the bounce messages.

Am I doing something stupid? Has anyone here done anything like this before?

Thanks,
Mike
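
Added example, not part of the message above and not the poster's code: a preflight check for a jail like the one described. It reports libraries named in ldd output that are missing under the jail root, and tests whether a program string exists inside the jail when taken as a single argument, which is how '/bin/procmail /etc/procmailrc' reaches chroot if the transport passes each single-quoted string whole (an assumption). The function names and the sample ldd output are constructed for illustration.

```shell
#!/bin/sh
# Added example: preflight checks for a per-mailbox chroot jail.
# Function names are hypothetical; the ldd sample below is constructed.

# Read ldd-style output on stdin and print every library path that does
# not exist under the jail root given as $1.
jail_missing_libs() {
    jail=$1
    # Lines look like "libc.so.6 => /lib/libc.so.6 (0x...)" or
    # "/lib/ld-linux.so.2 (0x...)"; take the first field starting with "/".
    awk '{ for (i = 1; i <= NF; i++) if ($i ~ /^\//) { print $i; break } }' |
    while IFS= read -r lib; do
        [ -e "$jail$lib" ] || printf '%s\n' "$lib"
    done
}

# Succeed only if $2, taken as ONE argument (the way chroot receives its
# command word), names an executable regular file inside jail $1.
jail_has_program() {
    [ -f "$1$2" ] && [ -x "$1$2" ]
}

# Constructed sample of ldd output, used when no real ldd run is available.
sample_ldd() {
    cat <<'EOF'
    linux-gate.so.1 =>  (0xffffe000)
    libm.so.6 => /lib/libm.so.6 (0xb7f0a000)
    libc.so.6 => /lib/libc.so.6 (0xb7dd2000)
    /lib/ld-linux.so.2 (0xb7f4e000)
EOF
}

# Stand-alone use: sh jailcheck.sh JAIL PROGRAM   (needs ldd on the host;
# PROGRAM is the path as seen inside the jail, e.g. /bin/procmail).
if [ "$#" -eq 2 ]; then
    jail_has_program "$1" "$2" || echo "not executable inside jail: $2"
    # chroot(2) is limited to root (CAP_SYS_CHROOT on Linux).
    [ "$(id -u)" -eq 0 ] || echo "chroot(2) needs root; running as uid $(id -u)"
    ldd "$1$2" | jail_missing_libs "$1"
fi
```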