Quoting Shlomi Fish, from the post of Sun, 29 Dec: > > Someone tempered with the qmail configuration, but forgot to place the > iglu.org.il symlink or deleted it by accident, so I fixed it. > > In the process, I changed the ownership of qmailadmin from vpopmail.vchkpw > or something like that to root.root because I thought it might fix it. If > it is possible to have it the other way back, please change it.
I shamefully admit I left it dangling. I have noticed the vpopmail was quite old with a possible open security hole, so I compiled a newer version, and following in qmailadmin to go along with the upgrade. the new version does aliasing of virtual domains a little differently (not with a symlink) but I didn't notice that due to the way things were historically configured on IGLU, the symlink was a must. my bad. I'll try to find time to make the symlink unnecessary again so we are up to current versions of the config format. I'll remove the root permissions on qmailadmin. it should have been SUID vpopmail. I just found SUID-root qmailadmin.old there - VERY bad idea. is anybody keeping any security checks on the server? Bastille? you will notice there are are a few extra features in the new qmailadmin, and any user can set himself up with forwards, forwrd and copy, vacation and other stuff. if any of you haven't taken the opportunity to create yourself a conveniant pop account under the (iglu|linux).org.il domain, please talk to Shlomif (or me as his backup). I also thought about a few other things we could do, please let me know if any of you object: - opening an SSL port on the apache for configuration CGIs like qmailadmin - adding imap to the mail services (Courier) - adding IMP 3.1 to read iglu mail accounts as webmail over SSL. - opening SMTP relay-after-Pop (where following a successful pop3 authentication you get 20 minutes of free relay of SMTP from the server. very useful if you work with several ISPs from a roaming laptop or from abroad) Have a good one, Ira. -- Chick magnet (retired) Ira Abramov http://ira.abramov.org/email/ This post is encrypted twice with ROT-13. Documenting or attempting to crack this encryption is illegal.
msg00886/pgp00000.pgp
Description: PGP signature
