From: Wietse Venema <[email protected]> Subject: Re: SRS implementation Date: Sat, 22 May 2010 09:35:29 -0400 (EDT)
> Tomoyuki Murakami: >> > First, this would accept mail for [email protected], >> > meaning that it would be an open relay. A more secure implementation >> > would compute a hash of ([email protected], local secret) and >> > include that hash in the return address. >> >> I guess, with my patch alone, could not cause open relay, but ... > > It is an open relay. > > To exploit: send mail to [email protected] where > my.dom is your domain, and Postfix will deliver it to anyu...@anydomain. oops! I could't find such a decoding mechanism, i.e. [email protected] to anyu...@anydomain in the Postfix souce. Is this realized in bare Postfix with specific configuration or cooperation with its plug-ins ? For my previous patch, just rewriting sender one-way and it may be `in-complete' in the meaning of implementing SRS. If there exists extracting function from SRS-ish (VERP ?) to original sender address in the current Postfix code, I'd like to learn about that for, either choosing any existing plug-ins or home-brewing yet-another-SRS plug-in, mainly looking into security sufficiency of its required hash mechanisms. --- Tomo.
pgpFurn4YVcS6.pgp
Description: PGP signature
