Date: Sat, 15 Dec 2007 06:44:22 -0500 From: Gerard <gerard@seibercom.net> To: freebsd-questions@freebsd.org Subject: Re: Suggestions please for what POP or IMAP servers to use Message-ID: <20071215064304.2209.A38C9147@seibercom.net> In-Reply-To: <BMEDLGAENEKCJFGODFOCCEDICFAA.tedm@toybox.placo.com> References: <200712142357.07080.wundram@beenic.net> <BMEDLGAENEKCJFGODFOCCEDICFAA.tedm@toybox.placo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> On December 14, 2007 at 11:25PM Ted Mittelstaedt wrote:
[ snip ]
> It is dangerous to put any webmail application on a mailserver
> for a couple reasons. First it is possible for users of the
> app (assuming the app has the ability to save mail) to overflow
> directories on the mailserver. However more seriously, any
> www application is always subject to security issues - a hole in
> the application, even if the apache version your using is secure -
> allows spammers to relay through your mailserver. Mailservers are
> of course, the most desired of spam relays.
If you are using Postfix, placing the following in the 'main.cf' file can
significantly reduce the potential regarding relaying from Apache. Of course,
insure that the group is correct.
authorized_submit_users = !www, static:all
--
Gerard
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20071215064304.2209.A38C9147>