pcre .* in local_recipient_maps security question

From: Arndt Roth (arndt.rothidmedia.com)
Date: Tue Jan 24 2006 - 04:55:01 CST


hi everybody,
we run two postfix mailrelays here and they never troubled us so far.
That's really great.
Now I'd like to have your opinions/advice on the following task I'd have
to implement:
For testing, our developers needed e-mail addresses like
testuser_XXmydomain
I implemented that with a PCRE for local_recipient_maps:
/^testuser_(..)mydomain$/ OK
Now they want me to extend the PCRE to the wildcard "*" to be able to use
testuser_WHATEVER-THEY-NEED-IN-HEREmydomain
I really feel uncomfortable to change the PCRE to:
/^testuser_(.*)mydomain$/ OK

a) Wouldn't this be a security risk? And should I try to change the "*" to
not allow a "" ?
(I tested this as positive with: postmap -fq "testuser_something
someusersomedomain anotheruseranotherdomain usermydomain"
pcre:/mypcre )

b) How long could the maximum expression be ? Is that limited by a maximum
in local_recipient_maps?

Thanks to everybody who shares his thoughts on this and to all who
contributed to Postfix,

Arndt Roth
Unix Systemadministration
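
Added example, not part of the original post: a Python sketch comparing what the two patterns from the message accept as a lookup key against a bounded, character-class version. Assumptions: the character the archive stripped from the addresses is "@", `mydomain` stands in for the real domain, the `restricted` pattern and its 32-character limit are hypothetical, and Python's `re` with case-insensitive and dot-matches-newline flags approximates the Postfix pcre table defaults.

```python
import re

# Approximation of Postfix pcre table defaults: case-insensitive, "." matches newline.
FLAGS = re.IGNORECASE | re.DOTALL

# Assumption: "@" was stripped by the archive; "mydomain" is a stand-in domain.
PATTERNS = {
    "two_chars": re.compile(r"^testuser_(..)@mydomain$", FLAGS),
    "wildcard": re.compile(r"^testuser_(.*)@mydomain$", FLAGS),
    # Hypothetical tightened form: 1-32 characters, no "@" or whitespace.
    "restricted": re.compile(r"^testuser_([a-z0-9._-]{1,32})@mydomain$", FLAGS),
}

# Constructed lookup keys, including the multi-address string from the postmap test.
SAMPLES = [
    "testuser_01@mydomain",
    "testuser_release-candidate@mydomain",
    "testuser_@mydomain",
    "testuser_something someuser@somedomain anotheruser@anotherdomain user@mydomain",
    "testuser_a@b@mydomain",
    "testuser_" + "x" * 500 + "@mydomain",
]


def accepted(name, key):
    """Return True if the named pattern would treat key as a valid recipient."""
    return PATTERNS[name].search(key) is not None


def report():
    """Map each pattern name to its accept/reject decision for every sample."""
    return {name: [accepted(name, key) for key in SAMPLES] for name in PATTERNS}


if __name__ == "__main__":
    for name, row in report().items():
        print(f"{name:10s}", " ".join("OK  " if ok else "miss" for ok in row))
```

The `wildcard` row accepts every sample, including the empty suffix, the key with embedded spaces and extra "@" signs, and the 500-character suffix; the `restricted` row accepts only the first two.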