Why do I need a vmail user?If you are configuring virtual mailboxes on a mail server, you may be wondering why most guides recommend creating a vmail user. It is good advice but it is seldom explained.
The traditional method of delivering mail on unix is to unix user accounts. A mailbox is just a file or folder (typically /var/mail/username) owned by a unix user. File permissions are used to allow the owner to access the mailbox but restrict access by other users.
Imagine an email being delivered to email@example.com:
- The email is transferred to the system responsible for example.org.
- The system looks for the user kushim in /etc/passwd.
- The username is found with a user identifier (UID) of 1000.
- The email is saved to mailbox /var/mail/kushim using UID 1000.
- Kushim can access the email but other normal users cannot.
A virtual mailbox is an email account without an associated unix user. Mail to a virtual mailbox is still going to be saved to a file but which UID should own this file? You might be tempted to use the UID of your mail server (e.g. Postfix) but that would not be appropriate. That UID would have more privileges than are necessary for the local delivery of mail. A potential vulnerability which could be exploited. If other programs (e.g. Dovecot) use the same UID or group identifier (GID) to access the mailbox, that increases the risk.
Arguably the most common solution is creating a user specifically for the purpose of owning virtual mailboxes. There seems to be a convention of using username vmail and UID 5000. Access to virtual mailboxes can then be controlled through this user or group, without granting any other privileges.
That is why you need a vmail user. The next question I may try to answer is: why is UID 5000 used for virtual mailboxes?