Nick Sayer([EMAIL PROTECTED])@2001.06.22 09:45:47 +0000:
> 
> 
> Karsten W. Rohrbach wrote:
> 
> > Nuno Teixeira([EMAIL PROTECTED])@2001.06.21 21:51:34 +0000:
> > 
> >>Hello to all,
> >>
> >>The FreeBSD default permissions for /var/mail are 0755.
> >>
> >>Why is it that PINE says that the /var/mail directory is vulnerable and it
> >>says to change it to 01777?
> 
> 
> 1777 makes it possible for users to create files in /var/mail. The good 
> news is that they can make lock files, which make "simultaneous" 
> delivery and reading more reliable. The bad news is that they can make 
> files named like other people's mailfiles. This can either be an attack 
> on their reader of choice or a denial of service, depending on how smart 
> the client and MDA are.

that is why i consequently killed /var/mail delivery on all of the
systems i administer (administrate? whatever)...

> As such, /var/mail is A Bad Thing. Putting mail into a file in the 
> user's home directory is much safer. But the spec is too old to change 
> by this point. So the best idea is to dispense with Unix formatted mail 
> files altogether. Thus this advice:
> 
> 
> > use Maildir
> > faster, simpler, secure -- simply put: better ;-)
> 
> 
> cyrus is better still, so long as you don't mind _only_ being able to 
> use IMAP to play with your mail. Cyrus is particularly good for 
> companies, as lmtp deliveries result in multiple ccs being hard links 
> rather than separate copies. Great for when Marketing sends 20 copies of 
> a 50M powerpoint presentation. :-)

indeed, but as you said, imap only. i switched to multiple boxes with
qmtp transport and big mail volumes, in other words: i hit the problem
with iron ;-)

> As for MUAs, nothing I've tried has beaten Netscape 4.x yet, although I 

netscape mangles headers. thus, netscape is bad, IMVHO.

> have switched over to Mozilla and it is close. For non-GUI, I prefer 
> pine despite its tarnished security reputation. Surprisingly enough, a 

over the past years i started to hate pine with all the security flaws
and other operational problems that arise (mainly lack of support for
maildir).

for my fellow *bsd shell people, mutt does the best job and even newbies
to unix and the like take a preconfigured muttrc and there they go.
my personal mutt config is linked from my homepage and from the mutt
faq, so you might give it a spin (configured vs. unconfigured)...

> close second place behind Mozilla for me is SquirrelMail in a web 
> browser. It really is good, believe it or not. I would make a port for 
> it, but it's sort of pointless as it's just a bunch of php scripts you 
> unpack into your www data directory (www.squirrelmail.org if you are 
> curious).

heard about that, gonna try it out on some intranet server next week.

/k

-- 
> If it ain't broke, overclock it!
KR433/KR11-RIPE -- WebMonster Community Founder -- nGENn GmbH Senior Techie
http://www.webmonster.de/ -- ftp://ftp.webmonster.de/ -- http://www.ngenn.net/
karsten&rohrbach.de -- alpha&ngenn.net -- alpha&scene.org -- [EMAIL PROTECTED]
GnuPG 0x2964BF46 2001-03-15 42F9 9FFF 50D4 2F38 DBEE  DF22 3340 4F4E 2964 BF46
Please do not remove my address from To: and Cc: fields in mailing lists. 10x
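
An added example, not part of the original thread: a small audit of an mbox spool directory for the condition described above, where a world-writable /var/mail lets any user create a file named like someone else's mailbox. The function name `audit_spool` and its `uid_of` parameter are hypothetical, and the check assumes each mailbox file is named after its owner's login and that lock files end in `.lock`.

```python
import os
import pwd
import stat


def audit_spool(spool="/var/mail", uid_of=None):
    """Return (path, finding) tuples for an mbox spool directory."""
    if uid_of is None:
        # Default: resolve login names through the system passwd database.
        def uid_of(name):
            try:
                return pwd.getpwnam(name).pw_uid
            except KeyError:
                return None

    findings = []
    mode = stat.S_IMODE(os.lstat(spool).st_mode)
    if mode & stat.S_IWOTH:
        note = "world-writable: any user can create files here"
        if not mode & stat.S_ISVTX:
            note += "; no sticky bit, so users can also remove others' files"
        findings.append((spool, note))

    for entry in sorted(os.listdir(spool)):
        if entry.endswith(".lock"):
            continue  # assumed lock-file naming, expected in a 1777 spool
        path = os.path.join(spool, entry)
        st = os.lstat(path)  # lstat: never follow a planted symlink
        if not stat.S_ISREG(st.st_mode):
            findings.append((path, "not a regular file"))
            continue
        expected = uid_of(entry)
        if expected is None:
            findings.append((path, "no account with this name"))
        elif st.st_uid != expected:
            # Mailbox named after one user but created by another.
            findings.append(
                (path, f"owned by uid {st.st_uid}, expected {expected}"))
    return findings


if __name__ == "__main__":
    for path, finding in audit_spool():
        print(f"{path}: {finding}")
```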
