On Fri, 17 Oct 2008, Wieste Venema wrote:
On MAC client machines, Postfix runs only briefly when a user submits mail. Apparently, Apple's client configuration runs an SMTP server that receives mail from the network. This client configuration is subject to the same rules as any Postfix installation, i.e. you have to work hard to turn it into an open relay.
The first sentence is true. Out of the box, it's intended to be a local mail server. I guess the "run only briefly" explains why master.cf was so weird. I've turned it into a full-fledged mail server.
But now I think I understand the "vulnerability". Except it's not for those of us who have turned it into a full mail server. And Apple failed to check to see if main.cf had been user-modified. Past updates (IIRC) checked and preserved main.cf and the other config files if they had been user-modified.
On Fri, 17 Oct 2008, Jim Wright wrote:
If you have compiled your own version of Postfix, this update will overwrite it. Be prepared to reinstall your own version, or at minimum restore any configuration files you've changed from the defaults.
It's the Apple provided Postfix with main.cf and master.cf (and everything else) modified to make it work as a real server.
Also a new launchdaemon is added, which I do not believe was present on the client side previously (at least not here, though I may have removed it), and I had postfix attempting to start in two different places.
As far as I can tell, the only thing it modified was main.cf. Or put it this way, after I "fixed" main.cf, it works again for me as desired.
As for launchdaemon, I've used it to start Postfix since shortly after Tiger (10.4) and I see nothing changed there. But I do remember doing some work to convert to using launchd after upgrading from Panther (10.3).
-- Larry Stone [EMAIL PROTECTED]
