[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-users] RE: RE:How can I rename my Raq 4i from "nobody"? Help from anyone other than Dan?
- Subject: Re: [cobalt-users] RE: RE:How can I rename my Raq 4i from "nobody"? Help from anyone other than Dan?
- From: elmer@xxxxxxxxxxxxxx
- Date: Sun Mar 4 15:12:03 2001
- List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>
On Sun, 4 Mar 2001, Jon Orsatti wrote:
} I will ask the question again for anyone else who may understand about the
} virtusertable and what script or program writes the virtusertable. Surely
} there are others out there who do not wish to get email forms from "nobody"
} Or the company that setup my Raq just didn't know how to do it and I'm the
} only one?
This is completely normal. Sendmail will only allow trusted
users to change the from address in an email. It can easily be
changed however making that change possible creates a major and
quite easily exploited security hole.
Only a trusted user can change the from address. And, trust
me, there is a very good reason why only a 'trusted' user can do
this. So before you even think about pursuing this, ask yourself
this: "Do I trust the users this is going to effect enough to the
keys to my server?" If so, then check out the T command in your
sendmail.cf file and add every user that you trust with the keys to
your server.
As a trusted user they can then flag their scripts
accordingly and sendmail will happily rewrite the from address. It's
been so long since I've done this (I don't trust anyone with the
keys to my servers) that I can't recall the flag that you'd need to
add to the Perl script. As I recall though, it's something along the
lines of:
/usr/sbin/sendmail -t
Someone a bit fresher in this area can correct me if I'm
wrong.
Last, but not least, if you do this and it comes back to
haunt you don't blame me....