Re: Dot in email adress
James R Grinter wrote: "David L. Nicol" [EMAIL PROTECTED] writes: What exactly is the threat this is supposed to guard against? Is it directory descending on vms, or access to the .. directory somehow? I think it's along the lines of something like 'user-/../foo@domain' which would naively search for '.qmail-/../foo'. Replacing '.' is an easy way to prevent it ever being possible. James. Yes, but dot appears so many places -- would not replacing slash be a better solution? -- David Nicol 816.235.1187 [EMAIL PROTECTED] "people with fish eyes and brown socks"
Re: Dot in email adress
"David L. Nicol" [EMAIL PROTECTED] wrote: that man page [dot-qmail] says: WARNING: For security, qmail-local replaces any dots in ext with colons before checking .qmail-ext. For convenience, qmail-local converts any uppercase letters in ext to lowercase. What exactly is the threat this is supposed to guard against? Is it directory descending on vms, or access to the .. directory somehow? It's guarding against ascending via "..". -Dave
Re: Dot in email adress
On Fri, Jan 12, 2001 at 02:31:56PM -0500, Dave Sill wrote: "David L. Nicol" [EMAIL PROTECTED] wrote: that man page [dot-qmail] says: WARNING: For security, qmail-local replaces any dots in ext with colons before checking .qmail-ext. For convenience, qmail-local converts any uppercase letters in ext to lowercase. What exactly is the threat this is supposed to guard against? Is it directory descending on vms, or access to the .. directory somehow? It's guarding against ascending via "..". That's the assumption, but which Unixen legitimately traverses based on a name like .qmail-../../../etc/passwd? Most Unixen I've seen insist that the first component be a valid directory. Regards.
Re: Dot in email adress
"Mark Delany" [EMAIL PROTECTED] writes: On Fri, Jan 12, 2001 at 02:31:56PM -0500, Dave Sill wrote: "David L. Nicol" [EMAIL PROTECTED] wrote: that man page [dot-qmail] says: WARNING: For security, qmail-local replaces any dots in ext with colons before checking .qmail-ext. For convenience, qmail-local converts any uppercase letters in ext to lowercase. What exactly is the threat this is supposed to guard against? Is it directory descending on vms, or access to the .. directory somehow? It's guarding against ascending via "..". That's the assumption, but which Unixen legitimately traverses based on a name like .qmail-../../../etc/passwd? The dash field need not be "-". In particular, it can end in "/", so that ".." in ext would work, if left unaltered. paul
Re: Dot in email adress
That's the assumption, but which Unixen legitimately traverses based on a name like .qmail-../../../etc/passwd? The dash field need not be "-". In particular, it can end in "/", so that ".." in ext would work, if left unaltered. Understand, but I can't seem to get past the OS wanting the first component to be a directory. I guess if people had a .qmail directory... But is there a way without the recipient doing something silly? Regards.
Re: Dot in email adress
"Mark Delany" [EMAIL PROTECTED] writes: Understand, but I can't seem to get past the OS wanting the first component to be a directory. Right, it does - or rather, *every* component, except the last. I guess if people had a .qmail directory... As I do. But is there a way without the recipient doing something silly? If you have a .qmail directory, and a +user- line in users/assign, a sender could send to user-../foo@host to access .qmail/../foo as a .qmail delivery file. paul
Re: Dot in email adress
Johan Almqvist wrote: man 5 dot-qmail replace the dot (.) with a colon (:) in the name of the .qmail file, ie .qmail-ar:rubin -Johan that man page says: WARNING: For security, qmail-local replaces any dots in ext with colons before checking .qmail-ext. For convenience, qmail-local converts any uppercase letters in ext to lowercase. What exactly is the threat this is supposed to guard against? Is it directory descending on vms, or access to the .. directory somehow? I am not aware of a special case where dots in a file name will unexpectedly hork a unix file system -- is it an obsolete fear, or a current one that I don't know about? This seems, without knowing what the threat is, an arbitrary exception. -- David Nicol 816.235.1187 [EMAIL PROTECTED] "people with fish eyes and brown socks"
Re: Dot in email adress
On Tue, Jan 09, 2001 at 09:03:44PM -0800, Boz Crowther wrote: I'd say you'd have better luck getting people to stop giving newbies snotty answers on mailing lists designed to help them. Yeap. Those mailing lists suck. Fortunately, this is the _qmail discussion list_, not a list to help newbies, so we don't fall in that category. RC -- +--- | Ricardo Cerqueira | PGP Key fingerprint - B7 05 13 CE 48 0A BF 1E 87 21 83 DB 28 DE 03 42 | Novis Telecom - Engenharia ISP / Rede Tcnica | P. Duque Saldanha, 1, 7 E / 1050-094 Lisboa / Portugal | Tel: +351 2 1010 - Fax: +351 2 1010 4459 PGP signature
Re: Dot in email adress
* Boz Crowther [EMAIL PROTECTED] [010110 00:05]: I'd say you'd have better luck getting people to stop giving newbies snotty answers on mailing lists designed to help them. Sorry, Boz, but there does not seem to be a news2mail gateway for alt.rec.suicide. And you /are/ aware of whom you just tried (unsuccessfully and in a tear-duct-straining way) to flame, aren't you? Well, the wheel is still spinning, but this hamster is dead. Tata...
Re: Dot in email adress
hey, that reminds me of the time you tried to flame me on-list in response to an off-list email I sent you - attempting to use another person's quoted comments as though they were mine - funny stuff I guess that's when you found alt.rec.suicide jason Sorry, Boz, but there does not seem to be a news2mail gateway for alt.rec.suicide. And you /are/ aware of whom you just tried (unsuccessfully and in a tear-duct-straining way) to flame, aren't you? Well, the wheel is still spinning, but this hamster is dead. Tata...
Re: Dot in email adress
On Tue, Jan 09, 2001 at 09:03:44PM -0800, Boz Crowther wrote: I'd say you'd have better luck getting people to stop giving newbies snotty answers on mailing lists designed to help them. Big misunderstanding. This list isn't designed to help newbies, it is for discussions regarding qmail. We are all helping newbies, _if_ they have done their homework and reag the documentation. As we aren't paid support stuff we can expect they've done that.
Re: Dot in email adress
On Tue, 9 Jan 2001 21:03:44 -0800, "Boz Crowther" [EMAIL PROTECTED] wrote: I'd say you'd have better luck getting people to stop giving newbies snotty answers on mailing lists designed to help them. This mailing list (and mailing lists in general) isn't designed to answer questions that are already answered IN THE DOCUMENTATION. If you can't RTFM, you shouldn't be doing it. Spoonfeeding the answer won't 'help' this person, it will only lead to more problems in the end. end -- Jurjen Oskam * carnivore! * http://www.stupendous.org/ for PGP key assassinate nuclear iraq clinton kill bomb USA eta ira cia fbi nsa kill president wall street ruin economy disrupt phonenetwork atomic bomb sarin nerve gas bin laden military -*- DVD Decryption at www.stupendous.org -*-
Re: Dot in email adress
Robin S. Socha writes: * Boz Crowther [EMAIL PROTECTED] [010110 00:05]: I'd say you'd have better luck getting people to stop giving newbies snotty answers on mailing lists designed to help them. Sorry, Boz, but there does not seem to be a news2mail gateway for alt.rec.suicide. And you /are/ aware of whom you just tried (unsuccessfully and in a tear-duct-straining way) to flame, aren't you? Was he flaming me? I didn't feel flameed. I mean, not only did I answer the guy's question, but I also told him how he could get his system audited by a Professionally Written program as well. -- -russ nelson [EMAIL PROTECTED] http://russnelson.com | Government is the Crynwr sells support for free software | PGPok | fictitious entity by which 521 Pleasant Valley Rd. | +1 315 268 1925 voice | everyone seeks to live at Potsdam, NY 13676-3213 | +1 315 268 9201 FAX | everyone else's expense.
Dot in email adress
Title:
Hi, everybody, how are you?I have a
problem. I have installed qmail as my mail server. I use alias files in alias
account("/var/qmail/alias") to create some redirection adress that i
need.Today, i tried to create an account with the file
".qmail-ar.rubin", but when someone sendsemail to this account, it returns
with thebelow message. The
".qmail-ar.rubin" has the follow line:[EMAIL PROTECTED]which
generates a redirection to my e-mail adress.Someone knows why is these
happening ? I canĀ“t create email accounts with dots ?Thanks,Alan
R.
Email Message that was returned:Hi. This is the
qmail-send program at villas.lps.ufrj.br.I'm afraid I wasn't able to deliver
your message to the following addresses.This is a permanent error; I've
given up. Sorry it didn't work
out.[EMAIL PROTECTED]:Sorry, no mailbox here by
that name. (#5.1.1)--- Below this line is a copy of the
message.Return-Path: [EMAIL PROTECTED]Received: (qmail 3293
invoked from network); 9 Jan 2001 11:15:49 -Received: from unknown (HELO
ginsberg.uol.com.br) (200.231.206.26) by 146.164.47.159 with SMTP; 9
Jan 2001 11:15:49 -Received: from lpi2
([146.164.47.186]) by
ginsberg.uol.com.br (8.9.1/8.9.1) with SMTP id
JAA08670 for
[EMAIL PROTECTED]; Tue, 9 Jan 2001 09:15:21 -0200
(BRST)From: "Alan R." [EMAIL PROTECTED]To:
[EMAIL PROTECTED]Subject: TesteDate: Tue, 9 Jan 2001
09:15:02 -0200Message-ID:
[EMAIL PROTECTED]MIME-Version:
1.0Content-Type: text/plain;
charset="iso-8859-1"Content-Transfer-Encoding: 7bitX-Priority: 3
(Normal)X-MSMail-Priority: NormalX-Mailer: Microsoft Outlook IMO, Build
9.0.2416 (9.0.2910.0)X-MimeOLE: Produced By Microsoft MimeOLE
V5.00.2314.1300Importance:
NormalTeste
Re: Dot in email adress
On Tue, Jan 09, 2001 at 09:28:53AM -0200, Alan R. wrote:
I have a problem. I have installed qmail as my mail server. I use alias
files in alias account
("/var/qmail/alias") to create some redirection adress that i need.
Today, i tried to create an account with the file ".qmail-ar.rubin", but
when someone sends
email to this account, it returns with the below message. The
".qmail-ar.rubin" has the follow line:
[EMAIL PROTECTED]
man 5 dot-qmail
replace the dot (.) with a colon (:) in the name of the .qmail file, ie
.qmail-ar:rubin
-Johan
--
Johan Almqvist
http://www.almqvist.net/johan/qmail/
PGP signature
Re: Dot in email adress
On Tue, Jan 09, 2001 at 09:28:53AM -0200, Alan R. wrote: Today, i tried to create an account with the file ".qmail-ar.rubin", but when someone sends email to this account, it returns with the below message. The [snip] Someone knows why is these happening ? I cant create email accounts with dots ? qmail replaces dots with colons before delivery. Rename the file as .qmail-ar:rubin and it should work as expected. (Is this in the man pages? I couldn't find it during a quick search) james -- James Raftery (JBR54) "Managing 4000 customer domains with BIND has been a lot like herding cats." - Mike Batchelor, on [EMAIL PROTECTED]
RE: Dot in email adress
qmail replaces dots with colons before delivery. Rename the file as .qmail-ar:rubin and it should work as expected. (Is this in the man pages? I couldn't find it during a quick search) man dot-qmail: ] WARNING: For security, qmail-local replaces any dots in ] ext with colons before checking .qmail-ext -- gowen -- Greg Owen -- [EMAIL PROTECTED] SoftLock.com is now DigitalGoods!
Re: Dot in email adress
On Tue, Jan 09, 2001 at 09:02:24AM -0500, Greg Owen wrote: man dot-qmail: Aha! Thanks. (That's a funny place to put it. Why not in the qmail-local man page?) james -- James Raftery (JBR54) "Managing 4000 customer domains with BIND has been a lot like herding cats." - Mike Batchelor, on [EMAIL PROTECTED]
Re: Dot in email adress
Alan R. writes: Someone knows why is these happening ? I cant create email accounts with dots ? I wish there was a way for me to get people to run http://qmail.org/qmail-lint-0.55 before they ask questions. Or even better, I wish that qmail included a program called "run-this-program-before-asking-questions". Or worse than the two of those, but better than nothing, would be to change qmail-local so that it would also search for a .qmail-ar.rubin when not finding the .qmail-ar:rubin it was expecting, and then give up the delivery saying "I substitute a colon for a dot when opening a .qmail file." -- -russ nelson [EMAIL PROTECTED] http://russnelson.com | Government is the Crynwr sells support for free software | PGPok | fictitious entity by which 521 Pleasant Valley Rd. | +1 315 268 1925 voice | everyone seeks to live at Potsdam, NY 13676-3213 | +1 315 268 9201 FAX | everyone else's expense.
Re: Dot in email adress
I'd say you'd have better luck getting people to stop giving newbies snotty answers on mailing lists designed to help them. - Original Message - From: "Russell Nelson" [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Tuesday, January 09, 2001 8:24 PM Subject: Re: Dot in email adress Alan R. writes: Someone knows why is these happening ? I cant create email accounts with dots ? I wish there was a way for me to get people to run http://qmail.org/qmail-lint-0.55 before they ask questions. Or even better, I wish that qmail included a program called "run-this-program-before-asking-questions". Or worse than the two of those, but better than nothing, would be to change qmail-local so that it would also search for a .qmail-ar.rubin when not finding the .qmail-ar:rubin it was expecting, and then give up the delivery saying "I substitute a colon for a dot when opening a .qmail file." -- -russ nelson [EMAIL PROTECTED] http://russnelson.com | Government is the Crynwr sells support for free software | PGPok | fictitious entity by which 521 Pleasant Valley Rd. | +1 315 268 1925 voice | everyone seeks to live at Potsdam, NY 13676-3213 | +1 315 268 9201 FAX | everyone else's expense.
