Norman wrote:
> Noel J. Bergman wrote:
> > There are many ways to handle RoamingUsers.  POPBeforeSMTP is at
> > least descriptive.

> I called it RoaminUsersHandler cause we could easily use it for
> IMAPBeforeSMTP if imap is included. So I thought this "general"
> name is the best.

Too general.  And I'm not sure that the handler code would be shared with
IMAP, as opposed to some underlying code.  So we would probably have
POP3BeforeSMTP and IMAPBeforeSMTP being protocol-specific, but using common
code to track recent authentication.

Something more important: I am -1 on the current code.

The technical justification for vetoing this change is that we are tracking
only the IP address.  One person on a non-routable subnet authenticates via
POP3 or IMAP, and everyone else going through the same gateway router gets
to use the now Open Relay?

Better would be to maintain {ID, IP}-tuples.  Although that would be more
difficult, or perhaps less useful, in virtual user table situations, since
the POP3 USER and the SMTP MAIL FROM would be different, it would be better
than creating Open Relays; especially Open Relays in a way that most admins
would find very difficult to track down, and which most Open Relay probes
would not detect.

References:

PassCmdHandler:

    RoaminUsersHelper.addIPAddress(session.getRemoteIPAddress());

RoaminUsersHandler:

    // Check if the ip is allowed to relay
    if (!session.isRelayingAllowed()
        && RoaminUsersHelper.isAuthorized(session.getRemoteIPAddress())) {
        session.setRelayingAllowed(true);
    }

My guess is that you simply didn't notice the vulnerability that this
introduces.  Remember that you need not revert the commits at this time, but
unless we find a resolution to the vulnerability or someone shows me the
error of my assertion, we are not releasing this code.  And although
Administrators can turn the feature off, the code has no value if it cannot
be turned on, and Administrators have no control over whether or not a
traveling user is accessing from a non-routable subnet.  All that they'll
see is access via the routable address of the gateway router.

By the way, why not just use SMTP AUTH?

> > I disagree [terminology only] in that these are not really filters; they
> > are command handlers.  In some cases, the commands filter, but they are
> > structurally identical.  And I agree that we should rebuild the protocol
> > handlers in the same manner as we rebuilt SMTP

> Exactly what I want to do too :-) This will give us more flexibility. I
> did the commit with the hardcoded one to "show" what we can improve and
> why we should. I think to have a "base" on which we can discuss is
> better than nothing.

Understood.

        --- Noel
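
Added example, not part of the message above and not James code: a sketch of the {ID, IP}-tuple tracking the message proposes, so that a POP3 login through a shared gateway only grants relaying to the same user from that address. The class `RecentAuthTracker`, its method names, the 30-minute window and the sample users and address are all assumptions made for illustration.

```java
import java.time.Duration;
import java.time.Instant;
import java.util.Locale;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;

// Hypothetical class, not James code (Java 16+ for records).
// Relay grants are keyed by {user, IP} instead of IP alone.
public class RecentAuthTracker {
    private record Key(String user, String ip) {}

    private final Map<Key, Instant> logins = new ConcurrentHashMap<>();
    private final Duration window; // assumed lifetime of a grant

    public RecentAuthTracker(Duration window) { this.window = window; }

    private static Key key(String user, String ip) {
        return new Key(user.toLowerCase(Locale.ROOT), ip);
    }

    // POP3 side: call after a successful PASS.
    public void recordLogin(String user, String ip, Instant now) {
        logins.put(key(user, ip), now);
    }

    // SMTP side: sender is the user derived from MAIL FROM.
    public boolean mayRelay(String sender, String ip, Instant now) {
        Key k = key(sender, ip);
        Instant at = logins.get(k);
        if (at == null) return false;          // this user never logged in from this IP
        if (Duration.between(at, now).compareTo(window) > 0) {
            logins.remove(k, at);              // grant expired, drop it
            return false;
        }
        return true;
    }

    public static void main(String[] args) {
        // Constructed sample: two users behind one gateway (documentation address).
        String gw = "203.0.113.7";
        Instant t0 = Instant.parse("2024-01-01T12:00:00Z");
        RecentAuthTracker tracker = new RecentAuthTracker(Duration.ofMinutes(30));
        tracker.recordLogin("alice", gw, t0);
        System.out.println("alice +1 min:  " + tracker.mayRelay("alice", gw, t0.plusSeconds(60)));
        System.out.println("bob   +1 min:  " + tracker.mayRelay("bob", gw, t0.plusSeconds(60)));
        System.out.println("alice +31 min: " + tracker.mayRelay("alice", gw, t0.plusSeconds(1860)));
    }
}
```

The sender in MAIL FROM is supplied by the client, so the tuple narrows who benefits from a login rather than authenticating the SMTP session; SMTP AUTH, which the message raises, authenticates the session itself.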