Andrea Prunic wrote: <snip unrelated original message>
OK, when we're on the subject of patches...Ok this is normal smtp behaviour.
I have a big problem at the moment with a couple of qmail servers I'm responsible for: when I receive a message from system bad.system.com, where envelope sender and/or From: field are from [EMAIL PROTECTED], directed to another [EMAIL PROTECTED], my.good.system.com receives the message, even if bad.system.com made the connection.
ok this is fineNow, I did put up a correct control/rcpthosts only for my.good.system.com, and in /etc/tcp.smtp.cdb I have allowed connectin for anybody, and relaying only for clients from IP's of my.good.system.com.
<snip extra explanation>
This is a limitation of the SMTP protocol. There really is nothing you can do for this.As you can see, I can send a message pretending that I am from my.good.system.com to a user at my.good.system.com, even though I am coming from bad.system.com....
To plug this hole you really will need to redesign the internet email system from the ground up. While you're at it want to fix it so no more spam get's into my mailbox.
So, how can a man plug this hole? I don't see anything of that kind mentioned in any instructions for qmail, only basic thing with rcpthosts (which is valid for the above scenario) and tcp.smtp.cdb (which is also OK)...
I've not seen a patch for this behaviour as it's basically just a hole in the way SMTP was implemented
I suspect that there is some patch for this, but don't know which one, that can also be applied to qmail with the LDAP patch.
On a seperate note in the future please don't reply to an existing thread with a unrelated question. It messes up the archives and plays havok with threaded mail readers.
--Mike
