2.2.7.3. Mail-only Users
To help prevent local user exploits on the Postfix server, it is best for mail users to only access the Postfix server using an email program. Shell accounts on the mail server should not be allowed and all user shells in the
/etc/passwd
file should be set to /sbin/nologin
(with the possible exception of the root user).