[Raw Msg Headers][Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: while on the topic of SMTP AUTH policy
Returning on this topic..
On Wed, Jun 02, 2004 at 06:16:48PM -0300, Mariano Absatz wrote:
> while on the topic of SMTP AUTH policy...
>
> I've configured a server only for authenticated mail relaying with
> SMTP AUTH.
>
> That is, the server's only job is accepting local users mail (after
> authentication) and relaying it outside... even if it's for our own
> local domain, it will go via MX (to our MX server) relayed from this
> server.
>
> The problem I have is that, when a user is authenticated, he is able to
> use whatever mail from domain he wants... even if it doesn't exist in
> DNS...
>
> How can I prevent this? That is, how can I force dns verification even
> for authenticated connections?
The reason for this is that deep in the policytest.c code you can
find following:
static int pt_mailfrom(state, str, len)
struct policystate *state;
const char *str;
const int len;
{
.. (variable declarations/inits, and SPF tests omitted for brevity) ..
if (state->always_reject)
return -1;
if (state->always_freeze)
return 1;
if (state->full_trust || state->authuser)
return 0;
That is, when user has authenticated, system is hardwired to trust him
always.
Reading that function, I do think that state->authuser test for
acceptance could be moved onwards ... right before WHOSON stuff ?
The related question of "can we have policy verification of sender's
MAIL FROM address vs. his authentication" -- we could have a hook to
handle the thing. Indeed I have thought about adding enbedded perl
into smtpserver so that people can hook up their own policy codes
(or parts of policy codes) as they want.
With recipient acceptance I am a lot less sure of what would be
usefull approach. Right now there is early 'user is authenticated,
accept anything' approach in pt_rcptto() function.
Adding even a 'do verify at least domain DNS data existence' is..
perhaps doable, but is it worth it ?
> Relevant settings of smtpserver.conf are:
>
> PARAM smtp-auth
> PARAM AUTH-LOGIN-also-without-TLS
> PARAM MSA-mode
> PARAM rcvd-auth-user
>
> SMTPOPTIONS is '-sve -s sloppy -l ${LOGDIR}/smtpserver'
> (bloody Outlook Express 'MAIL FROM: <').
Actually 'S' flag in the tail-end of the smtpserver.conf file
"HELO patterns" should do that slightly sloppy behaviour.
The fully sloppy one is where no HELO is required, and several
other such stupid things..
> smtp-policy.mx and smtp-policy.relay are empty.
>
> I'm using the standard smtp-policy.src (zmailer 2.99.56 from CVS 2004-03-
> 12, that is, _before_ latest policy management changes).
>
> TIA
> --
> Mariano Absatz
> El Baby
--
/Matti Aarnio <mea@nic.funet.fi>
-
To unsubscribe from this list: send the line "unsubscribe zmailer" in
the body of a message to majordomo@nic.funet.fi