OT: Secure MDA (was Re: [Mimedefang] Need to turn off CC in Defang Notifications)
Steffen Kaiser
skmimedefang at smail.inf.fh-bonn-rhein-sieg.de
Thu Dec 2 02:16:37 EST 2004
On Wed, 1 Dec 2004, Joseph Brennan wrote:
> hosts and mail servers, but if the mail server reads .procmailrc
> over NFS, users can therefore execute programs on the mail server
> just by receiving mail.
This is, in fact, our setup.
In the past, we had too much trouble, e.g. ill-written scripts, that
consumed lots of CPU and memory, even bouncers and other servers got
invoked.
Actually, I'd stick message filtering to pick some proper maildrop
directories and/or to forward to another mail address.
I considered to move the user .procmailrc's into some local place with
web-interface and parse the contents prior installing it, e.g. to reject
the conf file, when a '|' character is found; but I haven't tested the
idea, yet.
Bye,
--
Steffen Kaiser
More information about the MIMEDefang
mailing list