Re: Blocking web mail

  • mouss
    Message 1 of 12, Jun 27, 2011
      Le 28/06/2011 00:25, Jerry a écrit :
      > On Mon, 27 Jun 2011 18:06:19 -0400 (EDT)
      > Wietse Venema articulated:
      >
      >> Jerry:
      >>> I saw a configuration for blocking web mail from Apache from
      >>> accessing Postfix. I think it was something like: !www or something
      >>> like that. I forgot to write it down and now I cannot locate it.
      >>> Does anyone know what the recipe is. Thanks!
      >>
      >> This was discussed here three postings before your question.
      >
      > OK, I found it:
      >
      > authorized_submit_users = !apache,static:all
      >
      > Since I am running Apache on FreeBSD with user/group ownership of "www"
      > I assume I would use this instead:
      >
      > authorized_submit_users = !www, static:all
      >
      > Would that be correct?
      >

      that would. but it doesn't prevent users from using the smtp interface.
      users can even send outbound smtp without using your relay... oh, unless
      you use different servers for different roles...
    • Jerry
      Message 2 of 12, Jun 28, 2011
        On Tue, 28 Jun 2011 01:59:43 +0200
        mouss articulated:

        > Le 28/06/2011 00:25, Jerry a écrit :
        > > On Mon, 27 Jun 2011 18:06:19 -0400 (EDT)
        > > Wietse Venema articulated:
        > >
        > >> Jerry:
        > >>> I saw a configuration for blocking web mail from Apache from
        > >>> accessing Postfix. I think it was something like: !www or
        > >>> something like that. I forgot to write it down and now I cannot
        > >>> locate it. Does anyone know what the recipe is. Thanks!
        > >>
        > >> This was discussed here three postings before your question.
        > >
        > > OK, I found it:
        > >
        > > authorized_submit_users = !apache,static:all
        > >
        > > Since I am running Apache on FreeBSD with user/group ownership of
        > > "www" I assume I would use this instead:
        > >
        > > authorized_submit_users = !www, static:all
        > >
        > > Would that be correct?
        > >
        >
        > that would. but it doesn't prevent users from using the smtp
        > interface. users can even send outbound smtp without using your
        > relay... oh, unless you use different servers for different roles...

        My goal is to insure that if my Apache server were somehow compromised,
        and I have no reason to believe it is or has been, that it could not
        then use Postfix to send mail. Perhaps I am just being paranoid.
      • mouss
        Message 3 of 12, Jun 30, 2011
          Le 28/06/2011 12:24, Jerry a écrit :
          > On Tue, 28 Jun 2011 01:59:43 +0200
          > mouss articulated:
          >
          >> Le 28/06/2011 00:25, Jerry a écrit :
          >>> On Mon, 27 Jun 2011 18:06:19 -0400 (EDT)
          >>> Wietse Venema articulated:
          >>>
          >>>> Jerry:
          >>>>> I saw a configuration for blocking web mail from Apache from
          >>>>> accessing Postfix. I think it was something like: !www or
          >>>>> something like that. I forgot to write it down and now I cannot
          >>>>> locate it. Does anyone know what the recipe is. Thanks!
          >>>>
          >>>> This was discussed here three postings before your question.
          >>>
          >>> OK, I found it:
          >>>
          >>> authorized_submit_users = !apache,static:all
          >>>
          >>> Since I am running Apache on FreeBSD with user/group ownership of
          >>> "www" I assume I would use this instead:
          >>>
          >>> authorized_submit_users = !www, static:all
          >>>
          >>> Would that be correct?
          >>>
          >>
          >> that would. but it doesn't prevent users from using the smtp
          >> interface. users can even send outbound smtp without using your
          >> relay... oh, unless you use different servers for different roles...
          >
          > My goal is to insure that if my Apache server were somehow compromised,
          > and I have no reason to believe it is or has been, that it could not
          > then use Postfix to send mail. Perhaps I am just being paranoid.

          we are two ;-)
          what I tried to say is: if you use a single server as an outbound relay
          and as another role, then you increase risks. in particular, if you put
          a web server on the same box as a postfix relay, then a program running
          inside your webserver (cgi, module, ...) can send mail using the smtp
          interface. in which case, no sendmail limitation would help. to protect
          against this:
          - the simplest approach is to not run a web server on the postfix relay:
          separate functions.
          - if not possible, control both the sendmail interface and the smtp
          interface. the latter is not easy. the unix model was not designed to
          control network traffic. a "local" firewall (pf, iptables) and MAC
          (freebsd mac, netbsd systrace, selinux, ...) might help, but they
          require some amount of work.
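
Added example (not part of the thread and not Postfix code): a small Python audit that reads `authorized_submit_users` from main.cf text and evaluates it the way the list is matched, left to right with the first match deciding, to confirm the web-server account is refused by the sendmail interface. The sample main.cf and the function names are constructed for illustration; only plain user names and `static:` tables are handled, and the fallback `static:anyone` is Postfix's documented default.

```python
import re

# Constructed sample main.cf (illustrative, not taken from the thread).
SAMPLE_MAIN_CF = """\
# relay host that also runs Apache as user www
myhostname = relay.example.org
authorized_submit_users =
    !www,
    static:all
"""

def read_param(main_cf, name, default):
    """Return a main.cf parameter, joining indented continuation lines."""
    logical = []
    for raw in main_cf.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue
        if raw[0].isspace() and logical:
            logical[-1] += " " + raw.strip()
        else:
            logical.append(raw.strip())
    value = default
    for line in logical:
        key, sep, val = line.partition("=")
        if sep and key.strip() == name:
            value = val.strip()  # a later definition overrides an earlier one
    return value

def may_submit(patterns, user):
    """Left-to-right, first match wins; '!pattern' denies on match."""
    for pat in filter(None, re.split(r"[,\s]+", patterns)):
        negate = pat.startswith("!")
        body = pat[1:] if negate else pat
        if body.startswith("static:"):
            hit = True  # a static: table answers every lookup
        elif ":" in body or body.startswith("/"):
            raise ValueError("table/file patterns not handled here: " + body)
        else:
            hit = (body == user)
        if hit:
            return not negate
    return False  # nothing matched: not authorized

if __name__ == "__main__":
    acl = read_param(SAMPLE_MAIN_CF, "authorized_submit_users", "static:anyone")
    for u in ("www", "jerry"):
        print(u, "may use sendmail(1):", may_submit(acl, u))
```

The check covers the sendmail(1) submission path only; a reversed list such as `static:all, !www` passes every user because the first pattern already matches.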