Re: [courier-users] mailbot and -T forward / forwardatt
On 17.01.2011 15:48, Sam Varshavchik wrote: You should have $SENDER available. And, once again, make sure that you fully understand how all your manufactured shell scripting needs to quote its variables. Otherwise, you'll have an exploitable security hole on your hands. Well, I didn't see the sender's email in any variable when doing `set /tmp/log.txt`. I added before that a line: MAILTO=escape($SENDER) And now I did have in /tmp/log.txt: MAILTO= But no SENDER or anything else to use with mailbot. So if I should have it, why I don't have it? DEFAULTDELIVERY=|| /usr/lib/courier/bin/dotforward | /usr/lib/courier/bin/maildrop -w 90 -- Yhteistyöterveisin, Jani Ollikainen @ Pronetko Networks Oy -- Protect Your Site and Customers from Malware Attacks Learn about various malware tactics and how to avoid them. Understand malware threats, the impact they can have on your business, and how you can protect your company and customers by using code signing. http://p.sf.net/sfu/oracle-sfdevnl ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
[courier-users] (no subject)
Hi, Am new to courier, but i want to set up a courier mail server where i would like to use authpipe program for authentication. i have never done this before and i dont know how to go about this. i want to authenticate users from a diffrent file not /etc/passwd and not mysql. anyone with help, Philly -- Protect Your Site and Customers from Malware Attacks Learn about various malware tactics and how to avoid them. Understand malware threats, the impact they can have on your business, and how you can protect your company and customers by using code signing. http://p.sf.net/sfu/oracle-sfdevnl___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Courier 20110101 build
On 02.01.11 11:33, Sam Varshavchik wrote: Download: http://www.courier-mta.org/download.php A few minor fixes. Changes: • Suppress logging the contents of a failed AUTH command in syslog, in case it includes encoded passwords. Matus UHLAR - fantomas writes: can this differentiate between incvalid usernames and invalid passwords? If not, can this be turned off? On 17.01.11 08:53, Sam Varshavchik wrote: Explain how you were able to tell the difference previously. You couldn't. I don't matter, all people with access to the logs here were able to get to customers' passwords different way. I know about potential security problems about revealed passwords, but I would like to know when an attack is done against users' passwords No. Previously, only some opaque encoded blob was logged, whatever its contents were. aha. yes, in such case it's useless. I wanted to ask this about SMTP authentication (logging more than just auth failed) some time ago. Furthermore, there is no substantial difference. Look for failed AUTH errors. I see no difference between whether there's userid guessing or password guessing going on. Both the requested userid and password is collected at the same time. Either they are accepted, or they're not. yes, but it can be useful to know in cases it's password guessing... -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. I intend to live forever - so far so good. -- Protect Your Site and Customers from Malware Attacks Learn about various malware tactics and how to avoid them. Understand malware threats, the impact they can have on your business, and how you can protect your company and customers by using code signing. http://p.sf.net/sfu/oracle-sfdevnl ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] mailbot and -T forward / forwardatt
On 1/18/2011 3:00 AM, Jani Ollikainen wrote: On 17.01.2011 15:48, Sam Varshavchik wrote: You should have $SENDER available. And, once again, make sure that you fully understand how all your manufactured shell scripting needs to quote its variables. Otherwise, you'll have an exploitable security hole on your hands. Well, I didn't see the sender's email in any variable when doing `set /tmp/log.txt`. I added before that a line: MAILTO=escape($SENDER) And now I did have in /tmp/log.txt: MAILTO= But no SENDER or anything else to use with mailbot. So if I should have it, why I don't have it? DEFAULTDELIVERY=|| /usr/lib/courier/bin/dotforward | /usr/lib/courier/bin/maildrop -w 90 Have you tried importing the variable? import SENDER -- Bowie -- Protect Your Site and Customers from Malware Attacks Learn about various malware tactics and how to avoid them. Understand malware threats, the impact they can have on your business, and how you can protect your company and customers by using code signing. http://p.sf.net/sfu/oracle-sfdevnl ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] [SOLVED] mailbot and -T forward / forwardatt
On 18.01.2011 16:11, Bowie Bailey wrote: Have you tried importing the variable? import SENDER No! So that was the key! :D So now it seems to work! import SENDER MAILTO=escape($SENDER) ... SENDER=escape(`cat vacation_sender.txt`) SUBJECT=escape(`cat vacation_subject.txt`) ... cc | /usr/lib/courier/bin/mailbot -T forward -c UTF-8 -t vacation.txt -A 'To: $MAILTO' -A 'From: $SENDER' -s '$SUBJECT' /usr/sbin/sendmail -f '' That's basicly what I have. Please comment if that is done insecurely. -- Yhteistyöterveisin, Jani Ollikainen @ Pronetko Networks Oy -- Protect Your Site and Customers from Malware Attacks Learn about various malware tactics and how to avoid them. Understand malware threats, the impact they can have on your business, and how you can protect your company and customers by using code signing. http://p.sf.net/sfu/oracle-sfdevnl ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] [SOLVED] mailbot and -T forward / forwardatt
On 1/18/2011 9:35 AM, Jani Ollikainen wrote: On 18.01.2011 16:11, Bowie Bailey wrote: Have you tried importing the variable? import SENDER No! So that was the key! :D So now it seems to work! import SENDER MAILTO=escape($SENDER) ... SENDER=escape(`cat vacation_sender.txt`) SUBJECT=escape(`cat vacation_subject.txt`) ... cc | /usr/lib/courier/bin/mailbot -T forward -c UTF-8 -t vacation.txt -A 'To: $MAILTO' -A 'From: $SENDER' -s '$SUBJECT' /usr/sbin/sendmail -f '' That's basicly what I have. Please comment if that is done insecurely. Maildrop only imports certain variables by default. If you want the others, you have to manually import them. I believe there is a list of available variables in the dot-courier man page. I don't see any security problems in that line, but I'm not an expert on that kind of thing, so take my comment for what it's worth...(not much) :) -- Bowie -- Protect Your Site and Customers from Malware Attacks Learn about various malware tactics and how to avoid them. Understand malware threats, the impact they can have on your business, and how you can protect your company and customers by using code signing. http://p.sf.net/sfu/oracle-sfdevnl ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
[courier-users] SPF and mailing lists
I'm using these SPF related entries in bofh... opt BOFHSPFHELO=all opt BOFHSPFMAILFROM=all opt BOFHSPFFROM=all,mailfromok opt BOFHSPFTRUSTME=1 where I thought BOFHSPFFROM=all,mailfromok would let through all or most messages from mailing-lists in general but it seems that (from this list) if anyone sends a message to it from a domain that uses SPF then it bounces, ie; Jan 19 00:19:59 mail courieresmtpd: error, relay=:::87.238.50.203, from=qt-qml-bounces+markc=renta@qt.nokia.com: 517 SPF softfail ext-ivailo.il...@nokia.com: Address does not pass the Sender Policy Framework The qt.nokia.com sub-domain does not have any SPF record at all but nokia.com does so it seems the From: is overriding the From . Of course I never get to see the headers of these 517 messages so it's a bit hard to exactly work out the difference between the ones that work and the bounces. Are my opt BOFH* lines just wrong, or any suggestions how to work around this? --markc -- Protect Your Site and Customers from Malware Attacks Learn about various malware tactics and how to avoid them. Understand malware threats, the impact they can have on your business, and how you can protect your company and customers by using code signing. http://p.sf.net/sfu/oracle-sfdevnl ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] SPF and mailing lists
Mark Constable writes: I'm using these SPF related entries in bofh... opt BOFHSPFHELO=all opt BOFHSPFMAILFROM=all opt BOFHSPFFROM=all,mailfromok opt BOFHSPFTRUSTME=1 where I thought BOFHSPFFROM=all,mailfromok would let through all or most messages from mailing-lists in general but it seems that (from this list) if anyone sends a message to it from a domain that uses SPF then it bounces, ie; Jan 19 00:19:59 mail courieresmtpd: error, relay=:::87.238.50.203, from=qt-qml-bounces+markc=renta@qt.nokia.com: 517 SPF softfail ext-ivailo.il...@nokia.com: Address does not pass the Sender Policy Framework The qt.nokia.com sub-domain does not have any SPF record at all but nokia.com does so it seems the From: is overriding the From . Of course I never get to see the headers of these 517 messages so it's a bit hard to exactly work out the difference between the ones that work and the bounces. Are my opt BOFH* lines just wrong, or any suggestions how to work around this? Did you restart Courier after making changes in the bofh file. With all, you should not be bouncing mail, just recording the SPF verification status in the headers. pgpPZ1Di2vMf5.pgp Description: PGP signature -- Protect Your Site and Customers from Malware Attacks Learn about various malware tactics and how to avoid them. Understand malware threats, the impact they can have on your business, and how you can protect your company and customers by using code signing. http://p.sf.net/sfu/oracle-sfdevnl___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users