Date: Mon, 17 Jun 1996 00:35:11 +0100 From: "Gary Palmer" <gpalmer@FreeBSD.ORG> To: TWC <twc@ns.calyx.com> Cc: freebsd-security@FreeBSD.ORG Subject: Re: Secure way to do mail Message-ID: <26496.834968111@palmer.demon.co.uk> In-Reply-To: Your message of "Sun, 16 Jun 1996 19:20:48 EDT." <Pine.NEB.3.94.960616191530.9006A-100000@mojo.calyx.net>
next in thread | previous in thread | raw e-mail | index | archive | help
TWC wrote in message ID <Pine.NEB.3.94.960616191530.9006A-100000@mojo.calyx.net>: > > Hi. I have been trying to come up with a (more) secure way to do email. > I was wondering if it was possible as far as anyone knows to have smap > (from the TIS firewall toolkit) answer on port25, take the mail, then hand > it over directly to procmail (which would be setuid) for local delivery. > Then sendmail could be non-setuid and still used for outgoing email. No, you can't do that, as procmail is only a delivery agent. sendmail (or some other MTA) is still needed for the address parsing abilities. > My reason for not using the standard smap implementation (smap takes the > incoming mail then smapd collects and runs sendmail on it) is that I'd > like to leave a setuid sendmail out of the equation entirely. Local users > could still exploit it, and there are certain sendmail holes that could be > a problem even in a non-interactive chroot'ed environment. Why not still use procmail for local delivery and leave sendmail non-suid? Won't that fit your requirements? You can configure sendmail to use procmail rather than mail.local for delivery... Gary -- Gary Palmer FreeBSD Core Team Member FreeBSD: Turning PC's into workstations. See http://www.FreeBSD.ORG/ for info
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?26496.834968111>