On Thu, Jul 27, 2000 at 02:07:18PM -0400, John R. Levine wrote:
! You should have tested it, since it doesn't work. Tcpserver hands its
! environment variables to smtpd, but bouncesaying is called much later
! in the process from a different program that doesn't inherit the
! environment variables.
D'oh, of course. (Sorry, Bryan.) tcpserver can't touch qmail-lspawn, so
of course .qmail files can't see variables set by tcpserver.
! And I'd write a little perl script called check-local origin that
! reads its input until it finds a "Received: from" header, checks the
! IP in that header to see if it's a local one, and returns 0 if it's OK,
! otherwise prints "Restricted internal list, go away\n" and returns 100.
I appreciate that this is probably the only way to extract the sending
IP address, but it can't work if you have untrusted local users who can
insert arbitrary Received fields. Of course, in Bryan's case this is a
nonissue since he does want local users to be able to send.
There's got to be a ``badrcptto'' option in qmail-smtpd. Back in my
sendmail days, I wrote some rules that prohibited sending to class F
addresses unless you're from localhost, and a trusted user (i.e., in
class t), with majordomo being a trusted user.
! I use something like that to keep people from spoofing mail into the
! lists that majordomo controls here.
Since you mention majordomo, I presume this isn't version 1.*, right?
The triviality of spoofing majordomo 1 subscription cookies has been
a major factor in my decision to use ezmlm.
---Chris K.
--
Chris, the Young One |_ but what's a dropped message between friends?
Auckland, New Zealand |_ this is UDP, not TCP after all ;) ---John H.
http://cloud9.hedgee.com/ |_ Robinson, IV
PGP: 0xCCC6114E/0x706A6AAD |_
