Re: Secure popen

From: Glynn Clements (glynn.clementsat_private)
Date: Thu Jun 21 2001 - 04:54:07 PDT

  • Next message: John Viega: "Re: Secure popen"

    Kai Schulte wrote:
    
    > > DON'T DO THIS !
    > > Why you must run sendmail ?
    > > Why don't you simply create a SMTP connection
    > 
    > Maybe the web server isn't running an smtp daemon.  But even if it is,
    > why is it safer to send everything through the tcp/ip stack and have
    > sendmail fork a copy of itself than to invoke it directly?
    > 
    > If you don't know anything about the local host's mailer or you can
    > deliver straight to the the recipient's host,
    
    Easier said than done. Correctly delivering mail involves (amongst
    other things) looking up MX records and trying them in order of
    decreasing priority until one succeeds. And queuing any messages which
    can't be delivered due to transient failures.
    
    > your idea is the best, of
    > course. (And if all recipients are local, you even have the option of
    > invoking the local delivery agent directly... or just locking
    > their mail files and appending to them ;)
    
    That overlooks aliases and a host of other configurable options which
    together form part of the system's mail handling policy.
    
    You can't assume that mail addressed to user@localhost (or anything
    else which looks like a local address) ends up in the file
    /var/spool/mail/user.
    
    More generally, the only thing you can assume is that feeding the
    message to the "sendmail" program (which may or may not be "Sendmail")
    will result in it being handled appropriately.
    
    This is particularly important for mail sent from programs. It's
    standard practice to send to an alias, which is then redirected to the
    appropriate user account(s).
    
    -- 
    Glynn Clements <glynn.clementsat_private>
    



    This archive was generated by hypermail 2b30 : Thu Jun 21 2001 - 08:30:37 PDT