[Mimedefang] Another Sendmail security problem: Upgrade to 8.12.9
Dirk Mueller
dmuell at gmx.net
Sun Mar 30 13:59:00 EST 2003
On Son, 30 Mär 2003, David F. Skoll wrote:
> The "only" part of Sendmail that runs as root is the SMTP listener. Of
> course, that's a big chunk of code. :-)
Yes, and well integrated in the rest of the code.
> I do not have plans to integrate MIMEDefang with Qmail, because the
> licensing terms of Qmail are unacceptable to me.
I agree on that.
> I took a very quick
> look at Postfix, and it looks more promising. I may investigate it
> further, but until/unless someone actually asks for Postfix
> integration and puts up funding (or contributes code), it probably
> won't get past the thinking stage.
I would like to help, at least in testing. However, I didn't fully
understand yet if its possible (on the same level as libmilter does) to
intercept Postfix. It seems the content_filter feature allows an extra,
either shell script or SMTP based filter step, so it should be possible to
implement the usual body checks (spamassassin, virus filtering) and
modification (boilerplate, stripping of large attachements, defanging mime
attachements). The only part I'm not so sure about is if its possible
implement filter_recipient/filter_sender in postfix.
However, for a first step the content_filter hook looks promising. I'll play
with it a bit for the next few days, to see how much is possible.
--
Dirk
More information about the MIMEDefang
mailing list