At 10.26 18/04/2007, Stephane Bouvard (ML) wrote:

,- - [ Le mercredi 18 avril 2007 vers 9:33 tonix (Antonio Nati) écrivait: ] - -

> I don't see any reason to check for the content
> of alias, looking for a "bouncing" string. Apart
> .qmail-default, I don't see a reason why a
> .qmail-ALIAS should contain a bouncing string.

There is for me a reason : when using a catch-all if you want to disable some specific address... i know that actually if the .qmail-default specify a catch-all, chkuser does not look further and accept the mail, but it should be easy in that case to still verify if the specific user is not configured to bounce...

Internal logic should be changed. I have to change/extend it for other reasons, I will look for this also in case.

Anyway, for me, if a .qmail-xyz specify "bounce-no-mailbox" for any reason, i do not see why chkuser should accept the mail and let qmail bounce it as it's easy to avoid... it's an opengate for spammers.

Let's try to distinguish problems.

.qmail-default has an architectural reason to exist, as qmail architecture delivers to .qmail-default all emails for not existing users. Inside .qmail-default there is the logic for rejecting/deleting/storing all those messages. We simply know "default" is a "fake alias", that must exist but has nothing to do with whatever other alias you may create.

It would be good if chkuser add an option to reject "default" rcpt, as it is a fake "rcpt". This will close a qmail hole.

Different matter is to handle in a more extended way users/aliases, despite of bounce/delete/catchall.

Additional checking could be done (I'm thinking about quota checking) even if catchall/delete is specified.

I suggest also to introduce a new notation for rejecting users/aliases with a custom message (i.e.: reject "user has changed address. Write to [EMAIL PROTECTED]"). This would be a lot more useful than barely put a generic "bounce" string.

This additional checking should be done on aliases AND on .qmail-default inside each user's directory. Not to mention some parts should be rewritten in local delivery, as it does not use SMTP.



`- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Bien à vous...
(_'  L'informatique est ma passion, vous la simplifier, mon métier !
,_)téphane Bouvard [antarex AT freenet DOT be]

Reply via email to