[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Fw: VIRUS IN YOUR MAIL (W32/BugBear.A (Clam))


On Fri, Oct 18, 2002 at 08:48:05AM +1000, Brian May wrote:

> On Thu, Oct 17, 2002 at 02:18:34PM +0200, Emile van Bergen wrote:
> > Of course, you need to implement quite a bit of SMTP before getting at
> > the DATA phase, but it's potentially cleaner than doing it in a
> > transparent proxy, because you only have to deal with the pure data
> > stream through a set of open file descriptors, not with the IP side
> > of things.
> If postfix (or whatever MTA you use) sees the connection as comming from
> the proxy server, rather then the real server, you have just broken the
> code which prevents postfix being used as an open relay.
> The MTA needs to know where the connection started of from, in order to
> decide if it is allowed to relay the mail or not.

Sure, of course. If you look at how Qmail handles this though, it
doesn't have the actual server do a getpeername() on its standard in on
the assumption that that's the original socket; rather, it has tcpserver
passing down the peer IP and a few other things in environment variables
to the server or 'proxy process' it spawns. See

In short, this way that information is preserved even if you put some
'filter' in the pipeline from tcpserver to qmail-smtpd. 



E-Advies / Emile van Bergen   |   emile@e-advies.info
tel. +31 (0)70 3906153        |   http://www.e-advies.info

Attachment: pgp95cF5Zu4Zq.pgp
Description: PGP signature

Reply to: