Re: [vchkpw] chkuser wrongly accept emails for default@
Sorry to take so long to put in my comments on this thread... tonix (Antonio Nati) wrote: Anyway, I'm planning to add an option excluding any acceptance for default user (I'm thinking this since two years, but I've forgot to do until now) . This has nothing to do with the bounce string. Well, I don't think it should be an option. Vpopmail requires the file .qmail-default to exist, and uses it for its own purposes. You can't have a 'default' user or alias on a vpopmail system. I considered changing the operation of valias_select to ignore the .qmail_default file, but found that vpopmail (and very likely qmailadmin) already use it to retrieve data from .qmail_default. I suggest chkuser should always ignore the .qmail_default file. I don't see any reason to check for the content of alias, looking for a bouncing string. Apart .qmail-default, I don't see a reason why a .qmail-ALIAS should contain a bouncing string. I'm not quite sure I understand how this follows along with the next sentence. One thought... If a .qmail file contains a bouncesaying command then you need to accept that message and let the bounce get sent. If the administrator doesn't want to send bounces they shouldn't be using bouncesaying. Instead, we should find a standard notation to identify a custom reject string for a single user. Something that can be put inside .qmail-ALIAS or inside user's .qmail-default. If such a notation is identified, rcpt is rejected with this message. Remember valias_select, which chkuser uses to see if there is an alias returns the first database entry, or the first line of the .qmail-ALIAS file. There is very little extra cost to using a comment in the database or .qmail-ALIAS file. For example: .qmail-closed-account might contain: # chkuser reject 550 go away spammer! Qmail / vdelivermail will simply ignore the comment. Chkuser, can read the first line of the alias and take action based on its contents. I suggest you first look for the string 'chkuser'. If that is found the rest of the line is a command for chkuser. If the first word after the comment marker is not chkuser then the mail is accepted by the alias. You are welcome to read the entire alias if the first line indicates a need. It must be valid if executed by qmail or vdelivermail, so every line you use may need to be a qmail comment. Stephane Bouvard (ML) wrote: Anyway, for me, if a .qmail-xyz specify bounce-no-mailbox for any reason, i do not see why chkuser should accept the mail and let qmail bounce it as it's easy to avoid... it's an opengate for spammers. I strongly disagree. If the system administrator puts bouncesaying in a .qmail file you must assume they want to send a bounce message. Thanks, Rick
Re: [vchkpw] chkuser wrongly accept emails for default@
On 4/17/2007 2:43 PM, Stephane Bouvard (ML) wrote: Here's a little fix to verify if the alias is not bounce-no-mailbox... [...] +if (fd_file != -1) { +read_char = read (fd_file, read_buf, sizeof(read_buf) - 1); +close (fd_file); +if (read_char 0) read_char = 0; +} +read_buf[read_char] = 0; + +if ( strstr(read_buf, CHKUSER_BOUNCE_STRING) == NULL ) { +retstat = CHKUSER_OK; +break; +} + Great idea. I'm no C guy, but shouldn't that second conditinal be inside the first? +if (fd_file != -1) { +read_char = read (fd_file, read_buf, sizeof(read_buf) - 1); +close (fd_file); +if (read_char 0) read_char = 0; +read_buf[read_char] = 0; + +if ( strstr(read_buf, CHKUSER_BOUNCE_STRING) == NULL ) { + retstat = CHKUSER_OK; + break; +} +} Otherwise if the .qmail-user does not exist, retstat = 1 or am I being silly ? -- Jeremy Kister http://jeremy.kister.net./
Re: [vchkpw] chkuser wrongly accept emails for default@
This is not a chkuser problem, as chkuser simply uses qmail philosophy, checking for aliases in the qmail way. Anyway, I'm planning to add an option excluding any acceptance for default user (I'm thinking this since two years, but I've forgot to do until now) . This has nothing to do with the bounce string. I don't see any reason to check for the content of alias, looking for a bouncing string. Apart .qmail-default, I don't see a reason why a .qmail-ALIAS should contain a bouncing string. Instead, we should find a standard notation to identify a custom reject string for a single user. Something that can be put inside .qmail-ALIAS or inside user's .qmail-default. If such a notation is identified, rcpt is rejected with this message. Ciao, Tonino At 20.43 17/04/2007, Stephane Bouvard (ML) wrote: Hi, With chkuser 2.0.8 (not yet updated to 2.0.9, sorry :)), someone reported me that chkuser wrongly accept emails adressed to [EMAIL PROTECTED] , as there is a .qmail-default alias file, even if this file specify bounce-no-mailbox... The same problem occur for any alias defined (why ?) with bounce-no-mailbox... Here's a little fix to verify if the alias is not bounce-no-mailbox... --- chkuser.c Tue Apr 17 20:11:24 2007 +++ chkuser.c Tue Apr 17 20:31:24 2007 @@ -756,12 +756,20 @@ static int realrcpt (stralloc *sender, s if (!stralloc_cats (alias_path, tmp_path.s)) DIE_NOMEM(); if (!stralloc_0 (alias_path)) DIE_NOMEM(); - fd_file = open_read (alias_path.s); - if (fd_file != -1) { - close (fd_file); - retstat = CHKUSER_OK; - break; - } +fd_file = open_read (alias_path.s); +read_char = 0; +if (fd_file != -1) { +read_char = read (fd_file, read_buf, sizeof(read_buf) - 1); +close (fd_file); +if (read_char 0) read_char = 0; +} +read_buf[read_char] = 0; + +if ( strstr(read_buf, CHKUSER_BOUNCE_STRING) == NULL ) { +retstat = CHKUSER_OK; +break; +} + #endif case 9: -- Bien à toi... _ (_' L'informatique est ma passion, vous la simplifier, mon métier ! ,_)téphane Bouvard [antarex AT freenet DOT be] http://www.antarex.be
[vchkpw] chkuser wrongly accept emails for default@
Hi, With chkuser 2.0.8 (not yet updated to 2.0.9, sorry :)), someone reported me that chkuser wrongly accept emails adressed to [EMAIL PROTECTED] , as there is a .qmail-default alias file, even if this file specify bounce-no-mailbox... The same problem occur for any alias defined (why ?) with bounce-no-mailbox... Here's a little fix to verify if the alias is not bounce-no-mailbox... --- chkuser.c Tue Apr 17 20:11:24 2007 +++ chkuser.c Tue Apr 17 20:31:24 2007 @@ -756,12 +756,20 @@ static int realrcpt (stralloc *sender, s if (!stralloc_cats (alias_path, tmp_path.s)) DIE_NOMEM(); if (!stralloc_0 (alias_path)) DIE_NOMEM(); - fd_file = open_read (alias_path.s); - if (fd_file != -1) { - close (fd_file); - retstat = CHKUSER_OK; - break; - } +fd_file = open_read (alias_path.s); +read_char = 0; +if (fd_file != -1) { +read_char = read (fd_file, read_buf, sizeof(read_buf) - 1); +close (fd_file); +if (read_char 0) read_char = 0; +} +read_buf[read_char] = 0; + +if ( strstr(read_buf, CHKUSER_BOUNCE_STRING) == NULL ) { +retstat = CHKUSER_OK; +break; +} + #endif case 9: -- Bien à toi... _ (_' L'informatique est ma passion, vous la simplifier, mon métier ! ,_)téphane Bouvard [antarex AT freenet DOT be] http://www.antarex.be