-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 06/07/2011 08:57 AM, Timo Sirainen wrote:
> On Tue, 2011-06-07 at 08:52 -0500, Matt Brookings wrote:
>>>> + /*
>>>> + vpopmail 5.4 does not understand IPv6
>>>> + */
>>>> +
>>>> + if (!(strcmp(host, "::1")))
>>>> + host = "127.0.0.1";
>>>
>>> Does this code really matter? Wouldn't SMTP relay be open from localhost
>>> always anyway?
>>
>> Unfortunately, the 5.4 branch does not understand "::1" as the loopback,
>> and it parses the value incorrectly, leading to an open relay situation.
>> Not all systems allow localhost to relay via SMTP without authentication.
>
> Doesn't it also mean that if someone connects via a remote IPv6 address,
> it again leads to open relay? How about the attached patch instead?
Many systems will be running other qmail and vpopmail services from the
ucspi-tcp package which may not be patched to support IPv6. As a
result, when connecting to "::1", it will be translated to 127.0.0.1,
and as I said before, some systems will not allow localhost to send
without authentication.
I understand it's introducing a hackish fix into your project, but I
will submit a new patch that updates this block of code when a proper
solution that will work across the various system configurations is
determined.
- --
/*
Matt Brookings <m...@inter7.com> GnuPG Key FAE0672C
Software developer Systems technician
Inter7 Internet Technologies, Inc. (815)776-9465
*/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAk3uMUEACgkQIwet2/rgZyxdcwCfYtq3lkGoFTlviG6t67c8XKMZ
67MAn1ef3Fft0Fpf1W3z3eygPoA5oTwx
=neo1
-----END PGP SIGNATURE-----
