File attachments… Our server uses a different user account for the mail server vs. the web server. This means scripts like the api pipe run with different permissions / owner / group.

First, the upload folder needs to be accessible (write) by both web users AND mail user – in my case I made it 0777

For security, this folder should NOT be inside the web root – that way people can not take advantage of the server as easily.

The, patch the code to ensure attachments are editable / accessible by the other process (i.e. the web server can delete an attachment submitted by email):

--- class.ticket.php.ORIGINAL Fri Mar 5 00 2010

+++ class.ticket.php Fri Mar 5 00 2010

@@ -832,6 +832,8 @@

$file=Format:($file);

$filename=rtrim($dir,'/').'/'.$rand.'_'.$file;

if(move_uploaded_file($file,$filename)){

+//FORCE CHMOD TO ENSURE READABLE / DELETEABLE BY ALL

+chmod($filename, 0666);

$sql ='INSERT INTO '.TICKET_ATTACHMENT_TABLE.' SET created=NOW() '.

',ticket_id='.db_input($this->getId()).

',ref_id='.db_input($refid).

@@ -861,6 +863,8 @@

if(($fp=fopen($filename,'w'))) {

fwrite($fp,$data);

fclose($fp);

+//FORCE CHMOD TO ENSURE READABLE / DELETEABLE BY ALL

+chmod($filename, 0666);

$size=@filesize($filename);

$sql ='INSERT INTO '.TICKET_ATTACHMENT_TABLE.' SET created=NOW() '.

',ticket_id='.db_input($this->getId()).