Limiting Damage

DBMail should make every effort to limit damage, including:

  • Setting memory, process, and filesystem resource limits
    • Rationale: Most administrators don't set them, either because they don't know how or because they figure they'll get to it later.
  • dbmail-imapd should run chroot()ed
    • Rationale: It doesn't need filesystem access anyway (except for SQLite, but that's solved differently)
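
The two measures above, applied at daemon startup. This is an added example, not DBMail's own code; `limit_spec`, `apply_limits`, `enter_jail`, the limit values, the jail path and the numeric ids are hypothetical.

```c
#define _DEFAULT_SOURCE 1 /* exposes chroot() and setgroups() on glibc */
#include <grp.h>
#include <sys/resource.h>
#include <sys/types.h>
#include <unistd.h>

struct limit_spec { int resource; rlim_t max; };

/* Constructed values for illustration; size them for the real workload. */
static const struct limit_spec EXAMPLE_LIMITS[] = {
    { RLIMIT_AS,    512UL * 1024 * 1024 }, /* memory (address space) */
    { RLIMIT_NPROC, 64 },                  /* processes for this uid */
    { RLIMIT_FSIZE, 16UL * 1024 * 1024 },  /* largest file it may write */
    { RLIMIT_CORE,  0 },                   /* no core dumps of mail data */
};

/* Set soft and hard limit together so the process cannot raise them again.
 * Never raises anything: the request is clamped to the current hard limit. */
int apply_limits(const struct limit_spec *specs, size_t n)
{
    for (size_t i = 0; i < n; i++) {
        struct rlimit cur;
        if (getrlimit(specs[i].resource, &cur) != 0)
            return -1;
        rlim_t v = specs[i].max < cur.rlim_max ? specs[i].max : cur.rlim_max;
        struct rlimit lim = { v, v };
        if (setrlimit(specs[i].resource, &lim) != 0)
            return -1;
    }
    return 0;
}

/* Call as root once the listening socket is bound. Order matters:
 * chroot and chdir first, then supplementary groups, gid, and uid last. */
int enter_jail(const char *dir, uid_t uid, gid_t gid)
{
    if (chroot(dir) != 0 || chdir("/") != 0)
        return -1;
    if (setgroups(0, NULL) != 0 || setgid(gid) != 0 || setuid(uid) != 0)
        return -1;
    return (uid != 0 && setuid(0) == 0) ? -1 : 0; /* root must be gone */
}

/* Hypothetical jail path and ids; enter_jail() fails unless run as root. */
int main(void)
{
    size_t n = sizeof EXAMPLE_LIMITS / sizeof EXAMPLE_LIMITS[0];
    return apply_limits(EXAMPLE_LIMITS, n) != 0 || enter_jail("/var/empty", 65534, 65534) != 0;
}
```

Anything the daemon needs from outside the jail has to be opened before `enter_jail()` is called, since paths are resolved inside the new root afterwards.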

The installation directions should also recommend:

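  • dbmail-imapd should not be able to make network connections directly, nor does it need to send UDP packets. On Linux this is fairly easy to enforce, assuming the dbmail user is called “dbmail”:
  # IMAP replies leave with source port 143; the --dport rule also lets this user connect to port 143 on other hosts
  iptables -A OUTPUT -m owner --uid-owner dbmail -p tcp --dport 143 -j ACCEPT
  iptables -A OUTPUT -m owner --uid-owner dbmail -p tcp --sport 143 -j ACCEPT
  # Drop everything else this user sends, UDP included. That covers a TCP connection
  # to the database server (loopback too); a Unix socket connection is not affected.
  iptables -A OUTPUT -m owner --uid-owner dbmail -j DROP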
 
limits.txt · Last modified: 2012/02/12 16:49 by are
 
DBMail is developed by Paul J Stevens together with developers world-wide