Re: [vchkpw] setuid vpopmail
On Fri, 12 Dec 2003 10:32:18 -0600 Jeremy Kitchen <[EMAIL PROTECTED]> wrote: > On Fri, 2003-12-12 at 10:08, Jeremy Kitchen wrote: > > On Fri, 2003-12-12 at 09:17, Jacob S. wrote: > > forgot to add, if the user qmail-local is trying to deliver to doesn't > own the directory, it won't deliver to it, period. It won't even pass > it off for program delivery, so putting setuid bit on there is > pointless. > > see 'man qmail-local' for more information. Thanks. That at least answers the question of why chmod u+s vdelivermail won't fix it. Jacob - GnuPG Key: 1024D/16377135 Windows: 32 bit extensions and a graphical shell for a 16 bit patch to an 8 bit operating system originally coded for a 4 bit microprocessor, written by a 2 bit company, that can't stand 1 bit of competition. Linux: The ultimate windows patch. http://www.linux.org/ pgp0.pgp Description: PGP signature
Re: [vchkpw] setuid vpopmail
On Fri, 12 Dec 2003 10:08:26 -0600 Jeremy Kitchen <[EMAIL PROTECTED]> wrote: > On Fri, 2003-12-12 at 09:17, Jacob S. wrote: > > Ok, I'm having trouble getting qmail's QUEUE_EXTRA feature and > > vpopmail to play well together. > > > > Can someone remind me how /home/vpopmail/bin/vdelivermail could be > > abused if it were chmod u+s vpopmail:vchkpw? > > why on earth would you want to setuid it? qmail-lspawn setuid's then > spawns qmail-local to handle the delivery. there's no need to setuid > it. Because I'm not getting it to work that easily. > If you want to make queue-extra deliver to a vpopmail mailbox, tell it > to deliver to domain.com-youruser and the qmail-users/vpopmail will > handle the rest. I wish it would. I've tried setting queue_extra to "Tlog\0" and "Tdomain.com-log\0" and adjusting queue_extralen appropriately. The latter simply causes qmail to deliver to [EMAIL PROTECTED] in the logfiles. The former would probably work for copying to a normal user's mailbox, but that doesn't allow the filtering method described at http://www.ornl.gov/lists/mailing-lists/qmail/2000/12/msg00814.html I've tried various other methods, including running vdelivermail from a .qmail file in /var/qmail/alias. The closest I've come is using a .qmail-log file in /home/vpopmail/domains/domain.com/ to copy to another user and getting 2 copies, instead of just one. Worst case, everyone sending e-mail to this domain starts getting messages about their e-mail looping. For more of what I've tried, see my message from Tuesday titled "Vpopmail and message logging?". Any other suggestions? TIA, Jacob - GnuPG Key: 1024D/16377135 Microsoft gives you Windows... Linux gives you the whole house. pgp0.pgp Description: PGP signature
Re: [vchkpw] setuid vpopmail
On Fri, 2003-12-12 at 10:08, Jeremy Kitchen wrote: > On Fri, 2003-12-12 at 09:17, Jacob S. wrote: > > Ok, I'm having trouble getting qmail's QUEUE_EXTRA feature and vpopmail > > to play well together. > > > > Can someone remind me how /home/vpopmail/bin/vdelivermail could be > > abused if it were chmod u+s vpopmail:vchkpw? > > why on earth would you want to setuid it? qmail-lspawn setuid's then > spawns qmail-local to handle the delivery. there's no need to setuid > it. forgot to add, if the user qmail-local is trying to deliver to doesn't own the directory, it won't deliver to it, period. It won't even pass it off for program delivery, so putting setuid bit on there is pointless. see 'man qmail-local' for more information. -Jeremy -- Jeremy Kitchen Systems Administrator [EMAIL PROTECTED] Kitchen @ #qmail on EFNet - Join the party! . Inter7 Internet Technologies, Inc. www.inter7.com 866.528.3530 toll free 847.492.0470 int'l 847.492.0632 fax GNUPG key ID: 93BDD6CE
Re: [vchkpw] setuid vpopmail
On Fri, 2003-12-12 at 09:17, Jacob S. wrote: > Ok, I'm having trouble getting qmail's QUEUE_EXTRA feature and vpopmail > to play well together. > > Can someone remind me how /home/vpopmail/bin/vdelivermail could be > abused if it were chmod u+s vpopmail:vchkpw? why on earth would you want to setuid it? qmail-lspawn setuid's then spawns qmail-local to handle the delivery. there's no need to setuid it. If you want to make queue-extra deliver to a vpopmail mailbox, tell it to deliver to domain.com-youruser and the qmail-users/vpopmail will handle the rest. -Jeremy -- Jeremy Kitchen Systems Administrator [EMAIL PROTECTED] Kitchen @ #qmail on EFNet - Join the party! . Inter7 Internet Technologies, Inc. www.inter7.com 866.528.3530 toll free 847.492.0470 int'l 847.492.0632 fax GNUPG key ID: 93BDD6CE
