Quoting Joshua Megerman <[EMAIL PROTECTED]>:
Sounds like there's something funky going on with the chkuser patch for
you - do you have the same problem when not using TLS?  I'm not a chkuser
expert, but have you double-checked your chkuser settings?

The only extra setting I'm using is the CHKUSER_ENABLE_UIDGID. From what I've read on the Interazioni site this option will cause issues wtih TLS. I enabled this because qmail-smtpd was unable to run vchkpw without it enabled. I assume this is because of users/group permission but even with the qmail & vpopmail user in the same group vchkpw didn't run.

Qmail implements SMTP_VRFY, but it doesn't actually do anything.  DJB
(rightly, IMHO) decided that it didn't make sense to let people constantly
hammer your system with VRFY commands to determine who was or wasn't a
valid user, and so (per the RFC) qmail's VRFY implementation responds with
a message that indicates a non-answer (252 send some mail, i'll try my
best) and doesn't actually indicate whether the address is valid or not.
Chkuser can result in giving the same information, as it will reject
non-valid users, but this at least forces spammers to try to send mail,
and get rejections (and possibly dropped altogether) rather than just
scanning a qmail SMTP server...

This makes sense but doesn't chkuser essentially do the same thing SMTP_VRFY would do?


This message was sent using IMP, the Internet Messaging Program.

Reply via email to