All,
>From Serge's description it just seems that the not null sender check is
unnecessary. The code now is:
// If this is a delivery failure notification (MAIL FROM:
<>)
// we don't enforce authentication
if (authRequired && state.get(SENDER) != null) {
// Make sure the mail is being sent locally if not
// authenticated else reject.
if (!state.containsKey(AUTH)) {
String toDomain = recipientAddress.getHost();
if (!mailServer.isLocalServer(toDomain)) {
out.println("530 Authentication Required");
getLogger().error("Authentication is required
for mail request");
return;
}
} else {
If we're going to enforce that mail will null senders does not leave the
host, then this should be:
// If this is a delivery failure notification (MAIL FROM:
<>)
// we don't enforce authentication
if (authRequired) {
// Make sure the mail is being sent locally if not
// authenticated else reject.
if (!state.containsKey(AUTH)) {
String toDomain = recipientAddress.getHost();
if (!mailServer.isLocalServer(toDomain)) {
out.println("530 Authentication Required");
getLogger().error("Authentication is required
for mail request");
return;
}
} else {
I haven't looked at the LocalDelivery mailet, but I imagine it may
require modification to ensure that mails with empty senders that are
routed to non-existent addresses don't bounce.
I don't agree that this is a matcher issue. It shouldn't require any
complex configuration to prevent open relay behavior. Turning on SMTP
authentication is a standard and expected behavior to prevent open relay
behavior. Additional configuration of matchers is not.
Any thoughts?
--Peter
> -----Original Message-----
> From: Hontvari Jozsef [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, July 30, 2002 12:54 AM
> To: James Developers List
> Subject: Re: Open relay with SMTP-AUTH
>
> But is it possible at all to configure james correctly?
> If he is using smtp authentication, likely he hasn't so called "local"
> hosts.
>
> This is the required behaviour, when the mail from is empty (i.e.
bounce
> message):
> -if the recipient is local then delivery the message
> (-if the recipient is local, but the mailbox does not exist, then do
> nothing, you must not bounce a bounce message)
>
> -if the recipient is not local but the remote host is authenticated
then
> relay the message (although I guess this rarely occurs)
> -if the recipient is not local and the remote host is not
authenticated
> then
> do nothing (usual servers simply would not accept the mail)
>
> BUT: there is no matcher which can decide if the sender is
authenticated
> or
> not, so we cannot configure correctly.
>
> I think the best configuration - which can be done at this moment -
simply
> removes the message if the recipient isn't local and the sender is
empty.
>
>
>
> ----- Original Message -----
> From: "Serge Knystautas" <[EMAIL PROTECTED]>
> To: "James Developers List" <[EMAIL PROTECTED]>;
> <[EMAIL PROTECTED]>
> Sent: Tuesday, July 30, 2002 8:21 AM
> Subject: Re: Open relay with SMTP-AUTH
>
>
> > Even if you have a server that only is accepting SMTH AUTH, it's
still
> best
> > practices to accept "MAIL FROM: <>" messages (i.e., you can't just
> disable
> > that). That said, messages with a null sender should not leave your
> server,
> > so I think it's either a conf issue or a bug in some matcher that
isn't
> > probably capturing that and preventing the relaying.
> >
> > Serge Knystautas
> > Loki Technologies
> > http://www.lokitech.com/
> >
> > ----- Original Message -----
> > From: "Peter M. Goldstein" <[EMAIL PROTECTED]>
> > To: "'James Developers List'" <[EMAIL PROTECTED]>
> > Sent: Monday, July 29, 2002 8:21 PM
> > Subject: FW: Open relay with SMTP-AUTH
> >
> >
> > >
> > > All,
> > >
> > > I've just confirmed this on the latest code base. The cause is
pretty
> > > obvious - there is a comment in SMTPHandler.java:
> > >
> > > // If this is a delivery failure notification (MAIL
FROM:
> > > <>)
> > > // we don't enforce authentication
> > > if (authRequired && state.get(SENDER) != null) {
> > >
> > > Removing the (state.get(SENDER) != null) clause closes the open
relay.
> > >
> > > But can anyone clarify the comment? Is this comment referring to
> > > messages being generated by the James server in response to local
> > > delivery failures? Clearly the code as it stands in insecure...
> > >
> > > --Peter
> > >
> > > -----Original Message-----
> > > From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]
> > > Sent: None
> > > To: [EMAIL PROTECTED]
> > > Subject: Open relay with SMTP-AUTH
> > >
> > >
> > > Hello
> > >
> > > I think I found a bug when using SMTP-AUTH
> > >
> > > if you enable smtp-auth and sends a <> as the sender
> > > the servers allows the relay of any message, if you
> > > specify a correct email address the server enforces the
authentication
> > >
> > > I created a patch for this, is there any other solution?
> > >
> > > following a session that shows the problem
> > >
> > > Trying XXXXXX...
> > > Connected to XXXXXXXXX.
> > > Escape character is '^]'.
> > > 220 myMailServer SMTP Server (JAMES SMTP Server 2.0a3-cvs) ready
Mon,
> 29
> > > Jul 2002 20:31:04 -0400
> > > helo test
> > > 250-myMailServer Hello test (XXXXXXX)
> > > 250 AUTH LOGIN PLAIN
> > > mail from: <>
> > > 250 Sender <> OK
> > > rcpt to: <[EMAIL PROTECTED]>
> > > 250 Recipient <[EMAIL PROTECTED]> OK
> > > .....
> > >
> > >
> > >
> > >
> > > --
> > > To unsubscribe, e-mail:
> > <mailto:[EMAIL PROTECTED]>
> > > For additional commands, e-mail:
> > <mailto:[EMAIL PROTECTED]>
> > >
> > >
> >
> >
> > --
> > To unsubscribe, e-mail:
> <mailto:[EMAIL PROTECTED]>
> > For additional commands, e-mail:
> <mailto:[EMAIL PROTECTED]>
> >
> >
>
>
> --
> To unsubscribe, e-mail: <mailto:james-dev-
> [EMAIL PROTECTED]>
> For additional commands, e-mail: <mailto:james-dev-
> [EMAIL PROTECTED]>
--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
