1 |
On Friday 28 May 2004 01:22 pm, Ben Munat wrote: |
2 |
|
3 |
> PPS: Something else I've been meaning to ask: isn't there a certain |
4 |
> amount of risk in setting up qmail to relay all mail originating from |
5 |
> the server? If I eventually have a number of users on this machine |
6 |
> couldn't one of them abuse this priviledge? |
7 |
|
8 |
they can't already just use /var/qmail/bin/qmail-inject to inject messages? |
9 |
Or call qmail-queue directly? Hell, they could even do this: |
10 |
RELAYCLIENT="" tcpserver 0 12345 qmail-smtpd |
11 |
then connect to port 12345, and spam all day! |
12 |
|
13 |
If you don't trust your users to not abuse your mail server while they're |
14 |
logged in to it, they shouldn't have a shell on it, period. |
15 |
|
16 |
-Jeremy |
17 |
|
18 |
-- |
19 |
Jeremy Kitchen ++ Systems Administrator ++ Inter7 Internet Technologies, Inc. |
20 |
jeremy@××××××.com ++ www.inter7.com ++ 866.528.3530 ++ 847.492.0470 int'l |
21 |
kitchen @ #qmail #gentoo on EFnet ++ scriptkitchen.com/qmail |