Dovecot version 1.0rc15 for Fedora Core 4, tighter permissions for homes

Hi all, <p> A few days ago, I rolled out a new Dovecot package for CentOS/RHEL 4. That one went so well (loads of complains and bug reports within hours of release, but it only took a couple of updates throughout the day to fix it, so we'll call it a success), that I'm doing it again for the poor...ahem...lucky folks using Fedora Core 4. (If you have FC5 or FC6, then you don't need this update.) <p> Anyway, since this is a rehash of the same package roll-out from a few days ago, I'll just re-post the same blurb with minor alterations: <p> I've rolled out a somewhat experimental (but much needed) package of Dovecot version 1.0rc15 for Fedora Core 4 on i386 and x86_64. This upgrade fixes an irritating limitation of Dovecot 0.99, as provided by the OS software repositories. Specifically, older versions do not support group membership, and so the full path to each users home must be readable by world, if Maildir mail spools are being used (this applies to everyone with a default Virtualmin Professional installation). With the 1.0 version, this limitation no longer applies, and homes can default to 0750 permissions. <p> This update is recommended for everyone running Fedora Core version 4. It has been tested to behave correctly in every circumstance I could think of, and we've been running this version, and a couple of earlier versions, on Virtualmin.com for several weeks without incident. <p> Versions for other operating systems (excluding those systems that already have a recent version) will be rolled out over the next 24-36 hours. <p> To upgrade on Fedora: <p> yum update dovecot <p> Please note any errors, and let me know about them in the bug tracker. The expected behavior for systems with an old version of Dovecot is either no messages (other than the usual installation progress bar), or this notice: "Found old dovecot.conf, saved to /etc/dovecot.conf.rpmsave" if your dovecot.conf has ever been modified. If this message occurs, you may need to re-apply any changes you made to your Dovecot configuration. The Webmin Dovecot module supports both the old and new syntax, so you can use Webmin to make changes, if you like. <p> And now...the fun part! <p> Once you've updated your Dovecot version, you can setup Webmin to create new homes with 750 permissions. To do that, browse to Webmin's Users and Groups module in the System category. Click on the "Module Config" in the upper left corner of the right content panel. <p> In the "Home directory options" section, change "Permissions on new home directories" from 0755 to 0750. Save it. <p> Finally, change the permissions on your existing directories with: <p> cd /home chmod 750 * <p> All done! You're directories are now locked down tight as a drum, but you can still pickup your mail. <p> As always, if anything goes wrong, let us know. We'll help you fix it--anything that can go wrong during this process is pretty easy to fix, so don't panic. <p> <b>Known Issues</b> <p> There is a known issue with autoresponders once the permissions have been locked down. This is expected to be fixed in the next Virtualmin virtual-server module fix...if you use that functionality now, you may want to hold off for a few days on locking down the permissions.