Re: BTS says qmail's sendmail-clone is broken
On Tue, Feb 02, 1999 at 11:42:54AM -0500, Phillip R. Jaenke wrote:
> The sendmail replacement bin likely isn't broken. The qmail-src package
> is. Quite badly. The entire intent of qmail is *fast* and *secure*. The
> qmail-src package is fast, yes, but NOT secure. It does NOT follow the way
> qmail was meant to be built by default.
Debian's policy uses /var/spool/mail for delivery. MTAs must also use
/var/spool/mail by default. Qmail cannot do this and modification to
make qmail do this would be evil, given qmail's design. (I object to
shared mailboxes as well)
> The configuration symlinks, those are not a problem. In fact, I think
> they're a great idea. A bit poorly implemented (symlinking the entire
> /var/qmail struction to /etc/qmail would be nicer) IMO, but a secure
> implementation there.
That would be just as lame as putting everything in /var. /var/control
is linked to /etc/qmail. The purpose of /etc is for configuration files,
control holds all of qmail's configuration. /var/spool is for the mail
spool, and that is appropriately linked. /var/qmail itself should not
exist IMO, it's a dumb idea. It's WRONG according to every filesystem
standard there is. Debian's policy currently uses FSSTND, and will
eventially use FHS.
> Using /var/spool/mail/$USER is where it blows up. That's not what qmail is
> meant to do. Qmail is meant to deliver using the MBOX format. Which means
> mail is delivered to $HOME/Mailbox, as opposed to /var/spool/mail/$USER.
> This is a much safer and more secure method. Of course, with network
> mounted home directories, sometimes you might lose bits and pieces, but
> it'll happen with a network mounted /var/spool too.
Back to delivery.. There are two ways to fix this real quick and I am
almost certain one or both of them are documented in /usr/doc/qmail of
the built source package...
change the variable which controls the delivery. The default is
to use procmail but you can also use the normal delivery. Either
way .qmail takes precedence.
Noteworthy is that I use 1. even though I don't use qmail anymore. I do
not and will not use a non-dfsg free MTA anymore, exim works fine and
even speaks maildir. I have set it up to use procmail as well, which
ALSO speaks maildir nicely.
> If there's a bug/security hole in debian, it's most likely because of
> using /var/spool as opposed to the MBOX format. I'll do a dpkg -i of my
> qmail-src built qmail.deb today, and see if I can't confirm or deny this
> bug once my Motrin kicks in.
See the above two solutions, get rid of /var/spool/mail. It's only
there for policy's sake and you don't need it---all Debian's MUA's will
work with anything as long as $MAIL is set or you configure their .rc
Only some small few tools rely on things being in /var/spool/mail.. Only
one i know of off hand is a little dotlock thing for use in sh scripts
that is sgid mail.
Anticipation is the sweetest form of torture...