[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [cobalt-users] Removing the POP before SMTP pkg

Subject: RE: [cobalt-users] Removing the POP before SMTP pkg
From: "Dan" <dan@xxxxxxxxxxxxx>
Date: Sat Jan 8 07:41:00 2000

>
> Do you mean that anything listed in the "Relay email from these
> hosts/domains" window will be relayed without further checking?  That's a
> reasonable assumption, but since the RaQ web-interface
> automatically places
> the names of all hosted domains in this window, it makes for a pretty
> insecure mailserver.

The mail must actually come from those domains and it will only be relayed
to a domain on your RAQ. It won't relay to an address outside. e.g., I put
4sarasota.com in my allowed to relay field. IIRC, I can use the RAQ SMTP to
send to one of the domains hosted on that RAQ, but not an outside address. I
believe the RAQ resolves the IP to the domain that the mail is actually
coming from. Not by checking the "From" or "Reply-to" in the email. So far
it seems secure. Some RAQ1 servers had a problem with Cobalt's non-standard
version of Sendmail allowing Spam to relay using
joe@xxxxxxxxxxxxx@[cobaltdomain.com]  I think that was the syntax. This was
Sendmail 8.9.something as I recall which was supposed to be secure.

>
> A mailserver set up to forward mail for myclient.com will host ALL mail
> with a return address of <*@myclient.com>, right?  So you, or
> anyone else,
> including spammers, can use a return address of
> <anything@xxxxxxxxxxxx> and
> bounce off my server?  That seems a pretty unreasonable default, designed
> wholly to get around the safeguards built into the latest builds of
> sendmail, so unknowledgeable RaQ purchasers can easily set up promiscuous
> servers <frown>.

Not so easily.

>
> Also, the same seb-based setup also puts the IP#s into this window, which
> is totally unnecessary.  The only functionality I can understand here is
> for people logged in using telnet who send mail.  But since these
> IP#s are
> hosted on the same system, they're unnecessary.

I think it may affect CGI scripts like FormMail as well, but I haven't
checked that.

>
> Since we currently don't allow our customers to use our mail-server for
> outgoing email, I imagine the best thing I can do is remove everything in
> this window.  Does that sound reasonable to you?

May affect FormMail.pl, but that's just a guess.

>
> Will, your comments are welcome.  So are anyone else's.
>
Thanks. I guessed that's why you sent it to the list.
--
Dan Kriwitsky

Follow-Ups:
- [cobalt-users] Email Relay Bug (?) (WAS: Removing the POP before SMTP pkg)
  - From: Fathi Said
- RE: [cobalt-users] Removing the POP before SMTP pkg
  - From: Jeff Lasman

References:
- Re: [cobalt-users] Removing the POP before SMTP pkg
  - From: Jeff Lasman

Prev by Date: Re: [cobalt-users] [Cobalt] Security Advisory - Majordomo
Next by Date: [cobalt-users] Memory problems with Webalizer pkg
Previous by thread: Re: [cobalt-users] Removing the POP before SMTP pkg
Next by thread: [cobalt-users] Email Relay Bug (?) (WAS: Removing the POP before SMTP pkg)

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index