[Mimedefang] Issues w/ authenticated submission
    Philip Prindeville 
    philipp_subx at redfish-solutions.com
       
    Wed Apr 19 02:11:20 EDT 2006
    
    
  
David F. Skoll wrote:
>>Except that read_commands_file isn't working.  I'm seeing:
>>    
>>
>
>  
>
>>Apr 18 16:26:28 mail mimedefang[11357]: Error from multiplexor: error:
>>Cannot open COMMANDS file from mimedefang: No such file or directory
>>    
>>
>
>Ah!  I knew I had another reason for not implementing filter_helo
>originally...
>
>  
>
Well, the original reason as I remember was that Sendmail wouldn't give
any other reply but 220 when it saw a well-formed "HELO" line... it
would instead transition into the next state where it's expecting either
MAIL FROM:, EXPN, VRFY, or QUIT.
So having an extra filter wouldn't accomplish much, because the error
wouldn't be generated until following the next command sent by the
client AFTER the "HELO" line.
Which is overly vulnerable, if you ask me, and the RFC should have
been a lot more paranoid... but hey, it was written 20 years ago, when
the Internet was run on good will and gentlemen's agreements...
I'd rather continue to do the helo checks in filter_helo()...  it keeps the
code more manageable.
But I would like to consider moving some of the variables into
the command file sooner so that they're available.
At the moment that the HELO is sent...  Has a queue-id even been
assigned?  If not, then how do you figure out which command file
to read?
-Philip
    
    
More information about the MIMEDefang
mailing list