Re: [cobalt-users] Removing the POP before SMTP pkg
- Subject: Re: [cobalt-users] Removing the POP before SMTP pkg
- From: Jeff Lasman <jblists@xxxxxxxxxxxxx>
- Date: Sat Jan 8 06:57:24 2000
Ahaaa...
We've reached the author...
So I can ask some questions. I hope you'll answer, Will. I also hope to
see some feedback and commentary on the security issues I raise from other
interested listmembers.
I'm running a RaQ2; all Cobalt-supplied software is standard (though I've
built my own additional majordomo running in a separate directory)...
(And, no, don't look at the headers in this post to see; I use my own
server from home, not my colocated RaQ server.)
At 05:49 PM 1/7/00 Will DeHaan wrote:
> If the package is installed and you're not prompted to check mail before
> sending, then you are using a trusted host as configured in the
> administrative web interface Control Panel -> Email Parameters menu.
> POP-before-SMTP relaying respects your relaying rules specified in Email
> Parameters of the Control Panel menu.
Do you mean that anything listed in the "Relay email from these
hosts/domains" window will be relayed without further checking? That's a
reasonable assumption, but since the RaQ web-interface automatically places
the names of all hosted domains in this window, it makes for a pretty
insecure mailserver.
A mailserver set up to forward mail for myclient.com will host ALL mail
with a return address of <*@myclient.com>, right? So you, or anyone else,
including spammers, can use a return address of <anything@xxxxxxxxxxxx> and
bounce off my server? That seems a pretty unreasonable default, designed
wholly to get around the safeguards built into the latest builds of
sendmail, so unknowledgeable RaQ purchasers can easily set up promiscuous
servers <frown>.
Also, the same web-based setup puts the IP#s into this window, which
is totally unnecessary. The only functionality I can understand here is
for people logged in using telnet who send mail. But since these IP#s are
hosted on the same system, they're unnecessary.
Since we currently don't allow our customers to use our mail-server for
outgoing email, I imagine the best thing I can do is remove everything in
this window. Does that sound reasonable to you?
> Are you sure this package was not
> working for you? If so I'd like to know much more about your
> configuration to correct the package file if necessary.
I presume that what manitu wanted to do was to limit email sending by
his hosting clients; for that, wouldn't the POP-before-SMTP patch work fine
ONLY after he empties everything in that same "Relay email from these
hosts/domains" window?
I've been hosting email servers since 1994; in fact I hold the
western-hemisphere distribution rights for Mailtraq, a Windows-platform
mailserver <www.mailtraqna.com>. Since 1995 (the origin of spam) it's
always been my presumption that the only reasonably safe use of sendmail is
to allow only known systems attached with permanent IP#s to use the
mailserver. Of course even this isn't totally safe, since IP# spoofing can
and does occur, but that's a topic for another thread, perhaps in another
list or newsgroup (the Internet Access list comes to mind <smile>).
> I made an error in the release 1.1 uninstall script, so you'll need to
> remove the file /var/lib/cobalt/pop-before-smtp-1.1.uninst manually
> before running the install.cgi.
We all make mistakes. I find it much more dangerous to presume every
webhost customer can forward mail based on domain-name, than to make an
error in an uninstall routine.
Will, your comments are welcome. So are anyone else's.
Thanks.
Jeff
--
Jeff Lasman, nobaloney.net
<jblists@xxxxxxxxxxxxx>
<www.nobaloney.net>, <www.mailtraqna.com>, <www.email-lists.com>
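The relay decision Jeff is arguing about, modelled as an added Python example (not Cobalt's or the pop-before-smtp package's code): it contrasts the default "hosted domain in the relay window" rule with an emptied window plus a POP-before-SMTP timestamp check. The `RelayPolicy` class, the 30-minute window, and all IPs and addresses are constructed assumptions.

```python
from dataclasses import dataclass, field

@dataclass
class RelayPolicy:
    """Toy model of the relay check discussed in the thread (assumed, not Cobalt's code)."""
    local_domains: set            # domains hosted on this server (final delivery, always accepted)
    relay_domains: set = field(default_factory=set)   # sender domains from the Control Panel window
    relay_hosts: set = field(default_factory=set)     # client IPs from the same window
    pop_logins: dict = field(default_factory=dict)    # client IP -> time of last POP login
    pop_window: int = 30 * 60                         # assumed: seconds a POP login authorises relay

    def record_pop_login(self, client_ip, now):
        self.pop_logins[client_ip] = now

    def may_relay(self, client_ip, envelope_from, rcpt_to, now):
        """Return (allowed, reason) for one RCPT TO, in the order a relay check runs."""
        if rcpt_to.rsplit("@", 1)[-1].lower() in self.local_domains:
            return True, "local delivery"
        if client_ip in self.relay_hosts:
            return True, "trusted host IP"
        # Weak rule: the envelope sender is whatever the client claims, so this verifies nothing.
        if envelope_from.rsplit("@", 1)[-1].lower() in self.relay_domains:
            return True, "sender domain in relay list (unverified claim)"
        last = self.pop_logins.get(client_ip)
        if last is not None and 0 <= now - last <= self.pop_window:
            return True, "recent POP login from this IP"
        return False, "relaying denied"

# Constructed sample: RaQ-style default with the hosted domain auto-added to the relay window.
def default_policy():
    return RelayPolicy(local_domains={"myclient.com"}, relay_domains={"myclient.com"},
                       relay_hosts={"10.0.0.5"})

# Hardened policy: relay window emptied, so only POP-before-SMTP grants relaying.
def hardened_policy():
    return RelayPolicy(local_domains={"myclient.com"})

def demo():
    outsider, customer = "203.0.113.9", "198.51.100.7"   # constructed client addresses
    claimed = "anything@myclient.com"                     # return address anyone can claim
    results = {}
    results["default_claimed"] = default_policy().may_relay(outsider, claimed, "someone@example.net", now=1000)
    hard = hardened_policy()
    results["hardened_claimed"] = hard.may_relay(outsider, claimed, "someone@example.net", now=1000)
    hard.record_pop_login(customer, now=900)
    results["hardened_pop"] = hard.may_relay(customer, "user@myclient.com", "friend@example.net", now=1000)
    results["hardened_pop_expired"] = hard.may_relay(customer, "user@myclient.com", "friend@example.net", now=900 + 31 * 60)
    return results
```

`demo()` shows the default policy relaying for an unknown client on the strength of its claimed return address, while the emptied window relays only for a client IP that checked POP mail within the window.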