I agree that it'd be nice if these parameters were run-time configurable. I asked the author (Tonino) about that some time ago:
I wrote: >> I'm using the qmail-toaster package which contains chkuser. A few >> installations >> have had need to adjust some settings (CHKUSER_ALLOW_SENDER_SRS and CHKUSER_ALLOW_SENDER_CHAR_? >> in particular). This is fairly cumbersome to do (expecially for novice users), >> having to rebuild the entire qmail-toaster package. Tonino replied: > > You don't have to rebuild whole toaster. > Modify your chkuser_settings.h. > Stop qmail > Just "make setup check" > Start qmail I think he didn't understand that with the toaster, we don't leave the whole build environment laying around on disk (which I think is appropriate). Perhaps someone else could be more convincing. The chkuser list is [EMAIL PROTECTED] Tim, There is a slightly easier way to pause the build process while modifying chkuser.h than editing the sleep parameter in the spec file. I think it involves ctrl-z, but I'm not positive on that. Search the archives and I think you'll find it. If you like it, it'd be nice if you'd update the wiki chkuser page. I've neglected to do that. Jean-Paul van de Plasse wrote: > I think that making this a runtime configurable option is the best option. > Not that much of a problem to implement, and when we default it to the > same behaviour it has now it is up to the admins what they do with it. > > Can you find yourself in that Erik? > > JP > ----- Original Message ----- From: "Tim Mancour" <[EMAIL PROTECTED]> > To: <qmailtoaster-list@qmailtoaster.com> > Sent: Tuesday, January 16, 2007 5:15 PM > Subject: RE: [qmailtoaster] apostrophe > > >> Erik, >> >> Which characters in the sender's mailbox identifier represent a security >> issue? In my thinking these should be the only characters that are >> restricted in the "C" code. The badmailfrom file can then be used to >> allow >> site to site customization. >> >> I know that everytime that I upgrade I have to do the hand building >> step to >> allow the '+' character and would really like to be able to configure >> thus >> sort of thing in a control file. >> >> Regards, >> Tim >> >> -----Original Message----- >> From: Erik Espinoza [mailto:[EMAIL PROTECTED] >> Sent: Monday, January 15, 2007 8:09 PM >> To: qmailtoaster-list@qmailtoaster.com >> Subject: Re: [qmailtoaster] apostrophe >> >> Tim, >> >> Not a good idea. If you write this patch, it shall not be included >> into the >> Toaster. >> >> Qmail gets a lot of security by not allowing certain characters. For >> example, any e-mail address that contains a "." is stored in the file >> system >> as a ":" because the period is a file system navigation character. >> >> Thanks, >> Erik >> >> On 1/15/07, Tim Mancour <[EMAIL PROTECTED]> wrote: >>> Hi, >>> >>> The toaster seems to be more restrictive than the current SMTP >>> specification. RFC 2821 (page 37) only specifically prohibts ASCII >>> characters 0 through 31 and characters greater than 126 from the name >>> of a mailbox. >>> >>> As a long term solution, couldn't we modify the "C" code (specifically >>> the function check_sender_address_format) to allow any character in >>> the ASCII range 33 through 126. We could then use the badmailfrom >>> control file to filter out sender addresses that contain characters >>> that are undesirable. A single line with an explicit set of characters >>> could be used - e.g. [ ,;:"'`&%\$\^\{\[\(\|\)\]\}\*\+\?\\]. >>> >>> I could be missing something but I think that this will allow each >>> site to customize as required without rebuilding the "C" code and >>> without losing any functionality. I'd be happy to make the C code >>> changes if this make sense to everyone. >>> >>> Regards, >>> Tim >>> >>> >>> -----Original Message----- >>> From: Trung Pham [mailto:[EMAIL PROTECTED] >>> Sent: Friday, January 12, 2007 5:14 PM >>> To: qmailtoaster-list@qmailtoaster.com >>> Subject: Re: [qmailtoaster] apostrophe >>> >>> Yeah, you will need to edit the C code before compiling it. >>> >>> > eh no.. >>> > Its just that to change qmailtoaster/checkuser you have to change >>> > the code a bit. >>> > >>> > Like Eric explained below. >>> > >>> > >>> > ----- Original Message ----- >>> > From: "Dan Herbon" <[EMAIL PROTECTED]> >>> > To: <qmailtoaster-list@qmailtoaster.com> >>> > Sent: Friday, January 12, 2007 10:48 PM >>> > Subject: RE: [qmailtoaster] apostrophe >>> > >>> > >>> >> So I have to have any user emailing this person to add a \ in front >>> >> of the email address?: >>> >> >>> >> Bd\'[EMAIL PROTECTED] >>> >> >>> >> >>> >> >>> >> -----Original Message----- >>> >> From: Trung Pham [mailto:[EMAIL PROTECTED] >>> >> Sent: Friday, January 12, 2007 4:37 PM >>> >> To: qmailtoaster-list@qmailtoaster.com >>> >> Subject: Re: [qmailtoaster] apostrophe >>> >> >>> >> #define CHKUSER_ALLOW_SENDER_CHAR_2 '\'' >>> >> that's the correct syntax >>> >> >>> >>> Dan Herbon wrote: >>> >>>> I've been live on the new qmailtoaster server now for about 3 >>> >>>> weeks and no problems have arisen, everythings been great. >>> >>>> >>> >>>> >>> >>>> >>> >>>> Today however I came across my first problem. A user we used to >>> >>>> email back and forth has an apostrophe in her name and for some >>> >>>> strange odd reason whoever set this person up put the apostrophe >>> >>>> in her >>> email >>> >>>> address. So her email address is: bd'[EMAIL PROTECTED] >>> >>>> >>> >>>> >>> >>>> >>> >>>> The qmail server is rejecting this with: >>> >>>> >>> >>>> >>> >>>> >>> >>>> -------- >>> >>>> >>> >>>> 2007-01-12 15:09:52.456145500 CHKUSER rejected sender: from >>> >>>> <BD'[EMAIL PROTECTED]::> remote >>> >>>> <mail-bh.server.com:unknown:12.19.*.*> rcpt <> : invalid sender >>> >>>> address format >>> >>>> >>> >>>> --------- >>> >>>> >>> >>>> >>> >>>> >>> >>>> Is there an easy way to allow an apostrophe in the email address >>> >>>> be delivered? Perhaps add just this users email address to some >>> >>>> sort of whitelist somewhere. Any help would be great. I have to >>> >>>> get this working. >>> >>>> >>> >>>> >>> >>>> >>> >>>> thank >>> >>>> >>> >>> >>> >>> You should try very hard to have the admin for that domain change >>> >>> the name. >>> >>> >>> >>> Short of success with that, you *can* tailor chkuser to accept >>> >>> additional special characters, but tailoring chkuser is somewhat >>> >>> of a PITA. See http://wiki.qmailtoaster.com/index.php/Chkuser. In >>> >>> chkuser.h you'll want to modify >>> >>> /* #define CHKUSER_ALLOW_SENDER_CHAR_2 '%' */ by uncommenting the >>> >>> #define, and specifying the apostrophe as the special character. >>> >>> I'm not sure how to do that properly in C, but it might be #define >>> >>> CHKUSER_ALLOW_SENDER_CHAR_2 '\'' >>> >>> or >>> >>> #define CHKUSER_ALLOW_SENDER_CHAR_2 '''' >>> >>> Maybe a C guru can help you out on that. >>> >>> >>> >>> HTH >>> >>> -- >>> >>> -Eric 'shubes' >>> >>> >>> >>> -- -Eric 'shubes' --------------------------------------------------------------------- QmailToaster hosted by: VR Hosted <http://www.vr.org> --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
