some considerations regarding mail delivery
Hello,
until recently, I've lived happily with a getmail/postfix
combination for gathering and sending mail. It wasn't until
the thread here about postfix and open relays that I've started
thinking about security issues. Which is good, but it's kind of
giving me a headache. :)
The problems occurred when I saw all the configuration
options postfix provides, especially those for
"smtpd_sender_restrictions". If I understand it correctly,
"reject_unknown_client", for instance, means that mail _from_
an unknown client is rejected, right? But getmail never contacts
postfix to ask it if a mail should be delivered, because it doesn't
even depend on an mta.
There's an option for pipe delivery, but it refuses to run as
root. I could manage that, but is it really what I need? Will
getmail let postfix deliver all mail then?
Another idea was a .forward file. I've tried using sortmail (for
its simplicity, mostly). Does that contact postfix?
Besides, I think there may be a problem with sortmail. With
""|exec /usr/bin/sortmail root"" in my .forward and a simple
rule like "/test/s:f /tmp/test" in .sortmailrc stores the mail
in that file. If it doesn't exist, it's created and, here's
the problem, owned by nobody/nogroup. Shouldn't that user own no
files at all?! If I try to deliver to another file, owned by root,
sortmail silently does nothing, except losing mail. If I change
the ownership, all goes well. So why does it say it can run as
any user but even if I specify root, that doesn't seem to be true?
What would the best solution be?
Thanks,
andrej
--
echo ${girl_name} > /etc/dumpdates
Reply to: