On 06/09/2012 04:44 AM, Pritam D. Gautam wrote:
Dear Amit,
Thank you for pointing in right direction.
However, there are some shortcomings of implementing eMPF, I have
encountered:
Scenario 1: User A has been configured to prevent sending mails to
external domain.
If user A sends mail to internal domain (permitted by policy), with a
copy to external domain (denied by policy), the entire mail is rejected.
This is the behavior that I would expect, although that doesn't
necessarily make it right or proper.
I'll need to think this through before coming up with a suggestion. This
seems similar to another situation where a submission contains one
invalid address out of a bunch, and the message is refused giving the
user no indication of which address is bad. I'm not sure this is the
best way to handle things either.
Scenario 2: Vpopmail has been configured with /defaultdomain/ name in
~vpopmail/etc/defaultdomain file
With defaultdomain configured, it is not mandatory to supply full
emailaddress for authenticating with mailserver resulting in eMPF to
fail and allow all emails.
--
Having said that I have been able to write a workaround for Scenario 2
but living with Scenario 1 currently.
Any help will be appreciated.
Attached is patch I have created for Scenario 2.
HOWTO for Scenario 2:
------
1. Apply patch
2. Configure and export QMAILDEFAULTDOMAIN variable in the run file for
SMTP Server
e.g. export QMAILDEFAULTDOMAIN="@example.com"
Rather than have the default domain hard coded in another location, I
would rather see something like:
defdomfile=/home/vpopmail/etc/defaultdomain
if [ -f "$defdomfile" ]; then
export QMAILDEFAULTDOMAIN=$(cat $defdomfile)
else
export QMAILDEFAULTDOMAIN=""
fi
Also, I'm not a C expert. I wonder what happens with
strcat(remoteinfo,env_get("QMAILDEFAULTDOMAIN"))
when QMAILDEFAULTDOMAIN is not defined. If nothing, that's fine. If it
causes strcat to do something undesired though, then the result of
env_get should be checked before doing the strcat.
Nice work. This fix should probably be included the the stock eMPF code.
Matt?
--
-Eric 'shubes'
!DSPAM:4fd37e6634201363618960!
