From: Keean Schupke (keeanfry-it.com)
Date: Wed Nov 21 2007 - 12:52:33 CST

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi,

> You don't need network traffic to parse local logs. And being outside the
> MTA the log parser does not prevent the user from upgrading Postfix in the
> future. A private feature would lock the user into the modified release.

Yes, you are right... of course that means the customer has to stay
with us for support... but I would rather do something that is
generally acceptable. Wietse seemed to suggest that if I could do it
in a generic way using postfix's plugin architecture to maintain the
external state, he might accept the patch. I think this is the way I
am going to go, unless something makes me change my mind...

>
> The SMTP delivery agents reacts to delivery failures by logging the
> failure. It is running with reduced privileges ("postfix" not "root")
> at that point, and perhaps in a chroot jail. If it can update the
> configuration at that point, we have a security mis-feature.
>

Yes, I am running postfix in a chroot jail. I am not talking about
updating the config... the config would be something like
"smtp_sasl_auth_dont_reuse_bad_credentials = yes" ... the state would
have to be stored inside the chroot jail, or in a database where we
have write permission.

Cheers,
Keean Schupke, Fry-IT Ltd.

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]