-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 2 Mar 00, at 9:35, Shera wrote:
> I asked about message 252 yesterday and was told that to have the smtp
> server not vrfy users was a security feature. I do understand this
> perfectly. But shouldn't this be an option for the sysadmin to turn
> off and on or to have a deny file to only allow certain people to
> access the vrfy command?
You did not listen? You were told, several times, that qmail can't
do it and won't ever do it. Rewrite qmail if you need it.
> There
> are times that I need to vrfy users from remote and in the past the
> easiest and only form I knew was through the smtp server, but now
> using qmail it is impossible.
Lots of other MTAs don't implement vrfy. What's your point?
> I would just like to understand why
> qmail does not allow this to be an option as in sendmail.
Because qmail is not sendmail. If you want a megabyte binary with
long history of buffer overflows running as root on your system, help
yourself.
The first main design decision is to have qmail-smtpd as
lightweight as possible. Even on a really loaded machine,
qmail-smtpd lives; why? Because it does not need to make a
zillion system calls before queuing the message and indicating
success.
The second decision comes from the existence of
.qmail-anything-default files. It's impossible to predict if the program
there returns 100 (user does not exist) or 0 (exists).
Usually, making explicitely no effort is much better than making
half-assed effort and fail. Do you buy this explanation?
-----BEGIN PGP SIGNATURE-----
Version: PGP 6.0.2 -- QDPGP 2.60
Comment: http://community.wow.net/grt/qdpgp.html
iQA/AwUBOL5h/lMwP8g7qbw/EQIZXwCeN2vYcP8iUDuJGv5kP3xe8efrFDgAoO2V
EFop1siE/NEqccGRbR1E/wgE
=7Dnu
-----END PGP SIGNATURE-----
--
Petr Novotny, ANTEK CS
[EMAIL PROTECTED]
http://www.antek.cz
PGP key ID: 0x3BA9BC3F
-- Don't you know there ain't no devil there's just God when he's drunk.
[Tom Waits]
