Filtering out email addresses with pipe symbol

2000-01-31 Thread Charles Leeds 

Qmail Gurus,

We were audited and one of the findings was that our qmail server allowed
addresses with the pipe symbol in them, which was reported in our audit as a
bad practice.

Is there any way to block email addresses (sender or recipient) with the
pipe symbol in them via configuration files, or would I have to patch the
code?

Thanks,
Fox
[EMAIL PROTECTED]

QMail-IMAP + LDAP in large corporate setting

1999-12-01 Thread Charles Leeds 

We are running into problems with a deployment of Netscape Directory and
Messaging on HP-UX and are looking at alternatives.

Can QMail handle this scenario?

2000+ users for the domain mycompany.com

500 of those users will need their mail stored on 2 qmail servers at branch
sites (250 users per)
1500 of the users will be on a very buff HP 9000
All 2000 users must have the same domain name mycompany.com
([EMAIL PROTECTED] might be on the corporate HQ server while
[EMAIL PROTECTED] might be on a branch site server.  Branch sites and HQ
tied together using leased T1's and form a WAN (non-internet addresses)

All mail will be stored in IMAP format on those 3 servers.  LDAP
authentication with no local accounts on mail servers.  Verification of user
before sending mail (authenticated smtp?).  Works with Netscape 4.5+ client.
(I've heard Outlook Express works badly with IMAP servers other than
Microsoft's, is this true?)

Has anyone deployed and kind of Netscape/Outlook Express + Qmail-IMAP +
Qmail-LDAP setup with success?  How well do these play together?

Any information would be helpful.  We already use QMail for a relay and have
fairly good c and Unix expertise inhouse.

Thanks,
Fox
[EMAIL PROTECTED]

Re: 2 Questions

1999-11-10 Thread Charles Leeds 

James wrote:

> 1)  I have had qmail working wonderfully on RedHat Mandrake 6.0 for many
> months now.. but I am having a problem with relaying.  I've gone through
> the steps on this page:
>
> http://www.palomine.net/qmail/relaying.html
>
> but I am confused about something.. if I set up an ip address in
> rcpthosts, *and* in RELAYCLIENT, does this mean the user can ONLY send
> mail if he/she is connected to the server (say, with telnet)?  I have
> added the user's ip address to both, and user cannot use server as a relay
> when not connected directly to the server.

rcpthosts lists domains that qmail will deliver mail to no matter who uses
the relay to send mail to them.  For instance your rcpthosts is:

cia.gov
nsa.gov

This allows _anyone_ connecting to your qmail server to send messages to
those domains.  If I am a Russian spy and I telnet to port 25 on your qmail
server.  I can then do a:

mail from: [EMAIL PROTECTED]
rcpt to: [EMAIL PROTECTED]
data
Blah blah blah
.

This message will be delivered.

If I as the Russian spy telnetting to your qmail port 25 did this same thing
to [EMAIL PROTECTED], the message would not be delivered to hotmail.com
because hotmail.com is not in your rcpthosts.  Now people can not use your
qmail server to spam the world because the qmail server will only send
messages to cia.gov and nsa.gov.  This presents a problem to your local
users because now they can't send mail out to hotmail.com since it is not in
the rcpthosts.

You can however set up tcpserver to pass a RELAYCLIENT environment variable
to the qmail server for ip addresses of your choosing.  Say you have set up
your tcp.smtp with a:

192.168.10.:allow, RELAYCLIENT=""
:allow

and have recompiled the rules

tcprules tcp.smtp.cdb tcp.smtp.temp < tcp.smtp

and then stopped and restarted qmail and tcpserver

Now everyone with an address in the subnet 192.168.10 should be able to send
mail to any host they wish.  Everyone not in the subnet 192.168.10
connecting to qmail will only be able to send mail to nsa.gov and cia.gov.

Putting an address for Joe Smith at 192.168.10.103 in rcpthosts just simply
allows mail to be delivered to host 192.168.10.103, and has no bearing on
where Joe Smith can send mail.

Your rcpthosts should only contain domains you receive mail for.  Your
tcp.smtp should contain the subnets and/or ip addresses of the users you
wish to be able to use the qmail server as a relay to send mail anywhere.

Forgive my rambling

Fox
[EMAIL PROTECTED]

Recording relayed messages and headers

1999-10-27 Thread Charles Leeds 

My company wants to monitor all incoming and outgoing messages that are
relayed through the qmail relay.  The qmail box forwards all mail for our
domain to an internal mailserver using smtproutes, and has no local users.

Is there any way to record all messages (and headers) of incoming and
outgoing messages that are relayed by qmail?

Thanks,

Fox
Information Security Analyst
[EMAIL PROTECTED]