On Sat, Nov 01, 2003 at 09:52:41AM +0100, Martin Lesser wrote:
> > The file doesn't belong to vpopmail exclusively. It really belongs to
> > qmail, and vpopmail wants to add and remove items from it for its
> > misguiding implementation of relaying.
> What do you mean with misguiding? vpopmail - like others - only tries to
> record the REMOTEIP for SMTP after POP purposes.
I personally believe that /etc/tcp.smtp should not be writable by
anybody other than the root user himself, setting it up.

> > Qmail looks at /etc/tcp.smtp via tcpserver, which only allows a single
> > file to be specified, so if there is also a tcp.smtp in
> > /var/vpopmail/etc, then qmail NEVER looks at it, as it really needs
> > /etc/tcp.smtp.
> Just for clarifying: tcpserver (and not qmail) looks into a cdb-file
> which you define as option for tcpserver with -x /path/to/file.cdb.
That is exactly what I said: 'Qmail looks at /etc/tcp.smtp via
tcpserver'.

> So if one uses vpopmail the run-file for qmail-smtpd could be changed in
> a way that tcpserver looks in another cdb-file for which vpopmail has
> write access. The vanilla vpopmail suggests this IIRC.
The problem is that tcpserver only takes the last '-x' parameter it is
passed, so you cannot give it multiple cdbfiles.

I'd like to enforce a clean separation between the tcp.smtp that is set
by the administrator and the tcp.smtp that vpopmail wants to create.

No application should ever re-write configuration files as it goes,
there is too much potential for disaster, and ideally should have no
permissions to write to the files even.

[snip standard information about how qmail-smtpd uses tcpserver].

Worst case scenario:
somebody finds a way to exploit vpopmail and add arbitrary information
to your cdb-file. Now they use your mail server to send spam etc. I can
simply turn off the extra relaying added in by vpopmail, and leave my
original (and separate) tcp.smtp file intact.

> > A much better overall solution is to use the relay-ctrl package (see my
> > notes in the latest qmail conf-smtpd and courier-imap stuff about it).
> Ack.
Why 'Ack'? The relay-ctrl package is simply the RELAYCLIENT stuff
abstracted and made a lot more useful. It also doesn't violate my
configuration files. I don't see any convincing reasons why it is less
suitable than vpopmail's less than ideal implementation of relay after
auth.

Another nastiness with vpopmail is that if I wanted to remove the relay
after auth only, I'd have to recompile it, versus just flipping a
configuration setting.

--
Robin Hugh Johnson
E-Mail : robbat2@××××××××××××××.net
Home Page : http://www.orbis-terrarum.net/?l=people.robbat2
ICQ# : 30269588 or 41961639
GnuPG FP : 11AC BA4F 4778 E3F6 E4ED F38E B27B 944E 3488 4E85
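
A check for the concern raised in the message above, as an added example that is not part of the original thread: it finds the rules file a tcpserver run script ends up using (taking the last -x, as the message states) and verifies that the file and its directory are writable by one owner only. The function names and the plain, unquoted run-file layout are assumptions.

```shell
#!/bin/sh
# Added example. Assumption taken from the message above: when a run file
# passes several -x options to tcpserver, only the last one is used.

# Print the path that follows the last "-x" token in run file $1.
effective_rules() {
    # Split on blanks and line-continuation backslashes, one token per line.
    tr -s ' \t\\' '\n' < "$1" | awk '
        prev == "-x" { last = $0 }
        { prev = $0 }
        END { if (last != "") print last }'
}

# Succeed only if $1 is owned by uid $2 and not group- or other-writable.
owner_only_writable() {
    line=$(ls -ldLn "$1") || return 1
    perms=${line%% *}
    uid=$(printf '%s\n' "$line" | awk '{ print $3 }')
    [ "$uid" = "$2" ] || return 1
    case "$perms" in
        ?????w*|????????w*) return 1 ;;
    esac
    return 0
}

# audit_run_file RUNFILE [UID]: check the effective rules file and its
# directory (whoever can write to the directory can replace the file).
audit_run_file() {
    rules=$(effective_rules "$1")
    if [ -z "$rules" ]; then
        echo "no -x option found in $1"
        return 2
    fi
    echo "effective rules file: $rules"
    rc=0
    for p in "$rules" "$(dirname "$rules")"; do
        if owner_only_writable "$p" "${2:-0}"; then
            echo "ok:   $p"
        else
            echo "FAIL: $p (wrong owner or group/other-writable)"
            rc=1
        fi
    done
    return $rc
}

# Usage: sh audit.sh /path/to/run   (the path is whatever your setup uses)
[ $# -eq 0 ] || audit_run_file "$@"
```

The expected owner defaults to uid 0, matching the view in the message that only root should be able to write the file.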