I have qmail, tmda, and tofmipd running, and everything seems to work just great, but I just noticed that my theory of how it does what it does, doesn't seem correct. Could someone tell me how the following *actually* works?
[1] I send mail from my client mail program to port 8025 on my server. [2] tofmipd, running as a daemon, verifies my authentication against /etc/tofmipd and then receives the incoming mail. [3] The tofmipd daemon looks at the filters under ~/.tmda for the user authenticated, determines that a dated address needs to be used, and generates one based on ~/.tmda/crypt_key. Since no one knows my crypt_key, then they could not forge such an address. [4] The resulting e-mail is then relayed via qmail to the requested address, but with slightly modified headers. Like I said, it seems like this is what happens, but there's a little bit of hand waving in step #3. How does a daemon running as user tofmipd access the file ~/.tmda/crypt_key? The file has permissions 600, so it should not be accessible. The daemon can't be doing a suid because it does not know the root password or the user's password (the authentication password in /etc/tofmipd is not the same as the user's password), so how is this accomplished? <rubs head> Ow. My brain is confused. Gre7g. ================================================================= Gre7g Luterman [EMAIL PROTECTED] http://www.templeofluna.com/ Stay informed: http://www.templeofluna.com/keeper/mailinglist.htm Into each wound, a little salt must fall... _____________________________________________ tmda-users mailing list ([EMAIL PROTECTED]) http://tmda.net/lists/listinfo/tmda-users
