Why does SmarterMail need LSA User? What about on Linux? I've not looked at that yet. I am thinking about Docker Container on Linux is supposed to be better to Isolate the R/Ws! I can barely spell Linux so don't ask me too much!

I know a lot of functions SmarterMail calls likely require permissions but I think in a full review we might find that a lot of SmarterMail does not need such permission.

Back when MRS was ASPX App I set the Web Site of MRS to App Pool Identity to prevent breakout of the sandbox but that does not help us now as SmarterMail has implemented its own Web Server as part of the APP and MRS is a simple Web Proxy. This is now a typical dev pattern for .NET Core 8, 9 or 10. The reason for this dev pattern is a good thing as SmarterMail can do more surveillance of incoming connections and report about them -- aka a stronger IDS which I applaud!

Maybe SmarterMail could decompose the service into higher and lower level permissions to tighten up the file permission security. An example of this is ColdFusion where they isolated functions to dedicated services to potentially limit breakouts.

When I used to run ISC Bind the installer created a local user for the Service thus you only needed that user permissions on a specific folder to R/W. Thus you did NOT have the ability to write all over the server in the first place.