At 03:24 PM 01-03-2001 +0000, Mark Delany wrote:
>On Thu, Mar 01, 2001 at 10:19:34AM -0500, Dave Sill wrote:
>> >My qmail project, only 1 week away from implementation, was canned, we are
>> >now moving to Lotus Notes.
>>
>> Well, it's not a total loss. At least you learned something about
>> qmail.
>
>And maybe you can convince your company to use qmail as your email
>relay server on the firewall. Use Notes internally in a protected
>environment and only expose qmail to that nasty world out there.
Yah, that's very similar to what I'm doing. qmail on the firewall.
qmail doesn't do a lot of what Notes does, so if they really want those
stuff, then yeah Notes could be a good choice.
Thing is I'm not sure that qmail would really protect mailservers behind
the firewall from the usual buffer overflow stuff.
For example, if an attacker sends a mail with a huge GMT field, will it
still go through qmail unfiltered? I get the impression that qmail does
very little reprocessing of the message.
Of course you can't protect mailservers totally, but I figure one could
make a pretty good try with the obvious cases (typical buffer overflows,
validation checks etc).
Maybe I could make a filtering module and stick it in after qmail-smtpd or
something.
Cheerio,
Link.
