[Mimedefang] what's this file?
David F. Skoll
dfs at roaringpenguin.com
Thu Aug 22 17:36:01 EDT 2002
On Thu, 22 Aug 2002, Douglas J Hunley wrote:
> /etc/mail/mimedefang-ip-key just appeared on my machine today. what is it?
It is a "_FFR" or "For Future Release" which slipped in...
The idea is that sometimes, you want to run MIMEDefang on a machine
which receives mail from another machine you control. For example, you
could have two MX hosts, and if the primary one goes down for a while,
mail queues on the secondary. When the primary comes back up, the secondary
relays to the primary.
Now you'd like a reliable way to determine the "real" sending relay's IP.
So you put a secret key in /etc/mail/mimedefang-ip-key on both machines.
MIMEDefang on the original relay adds a header with the secret key and
the IP address. MIMEDefang on the receiving relay looks for this key
and knows it can trust the relay address, so it sets $RelayAddr to the
value in the header. The header is always deleted before mail gets
sent so the secret doesn't leak out.
Also, when you resend mail with one of the stream_by_xxx functions, MIMEDefang
will save the IP address and restore it, so the mail looks like it's coming
from the original relay rather than 127.0.0.1.
This feature is not yet documented, but I have used it internally. The
relevant parts of the source code are:
mimedefang.c, line 740 -- look for the magic header
mimedefang.pl.in, lines 1171 and 1247. Also line 2973.
The text in /etc/mail/mimedefang-ip-key is somewhat secret. You don't
want users giving it out casually. If the whole mechanism bothers
you, just delete the file and MIMEDefang won't attempt to preserve the
sender's IP address.
Regards,
David.
More information about the MIMEDefang
mailing list