Re: smrsh

Author: Piete Brooks
Date:  
To: Richard Gilbert
CC: exim-users
Subject: Re: smrsh
> (I had hoped that Piete Brooks might have had something to say on this.)

OK ...

> restrict_to_path, but that would seem to prevent standard use of e.g.
> /usr/ucb/vacation.


Exactly -- you don't want users running such programmes !

> After reading that I still don't know whether allowing users to run pipes
> from .forward files is a security threat or not.


I run our MTAs on servers (i.e. machines on which users do not have accounts)
so have to protect against CRACKed user accounts on client machines allowing
malicious users to try to set traps.
However, even if users have accounts anyway, it is important not to allow users
to select the arguments or data passed to arbitrary programmes.
Only carefully screened commands with "safe" arguments should be called,
or there is a chance that a remote user may send special email to try to
break things.


tell them to use user-vacation and *you* arrange that *exim* calls a *safe*
program which *you* control.


> So far I have only used Exim on our mail hubs but I am thinking of using
> it on hosts currently running simple sendmail configurations which send
> all non-local mail to the hubs.


*all* mail to the hub, not just non-local ...

Set it up to run as user exim, not root.

> One reason for doing this is the simplicity of preventing relaying with Exim.


It is a lot better to not provide a service than to try to secure one !
Don't run smtp listeners on "hosts" !

> However I currently use smrsh and do not want to lower the security of these
> systems.


Do they *HAVE* to run a server ?

> (On the other hand, if a local host implicitly allows relaying but sends
> all its mail via a hub running Exim which is configured to prevent
> relaying except for the local network will this prevent the local host
> from being used as a relay?)


Local hosts should not run SMTP listeners.
That way they *cannot* relay !

--
* This is sent by the exim-users mailing list.  To unsubscribe send a
    mail with subject "unsubscribe" to exim-users-request@???
* Exim information can be found at http://www.exim.org/
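As an added illustration (not part of Piete's message, and not taken from the exim.org site), this is what the advice above amounts to on the hub, written in modern Exim 4 syntax rather than the release the list was discussing; the hub name, the paths and the `site-vacation` program an admin would install are placeholders.

```exim
# Added example, Exim 4 syntax; hostnames, paths and site-vacation are placeholders.
exim_user  = exim            # deliveries never run as root
exim_group = exim

# Client hosts run no listener and hand *all* mail to this hub.
domainlist local_domains = @ : hub.example.com

begin routers

# Vacation: the user opts in by creating ~/.vacation.msg; the program that
# runs is fixed by the admin, and the user supplies no command line.
user_vacation:
  driver = accept
  check_local_user
  require_files = $home/.vacation.msg
  transport = safe_vacation
  unseen

# .forward is honoured for aliases and filters only: no "|cmd" entries,
# no delivery to arbitrary files, no running of filter commands.
userforward:
  driver = redirect
  check_local_user
  file = $home/.forward
  no_verify
  no_expn
  allow_filter
  forbid_pipe
  forbid_file
  forbid_filter_run

localuser:
  driver = accept
  check_local_user
  transport = local_delivery

begin transports

# restrict_to_path rejects any command not found as a bare name in "path",
# so only the admin-installed site-vacation can ever be executed here.
safe_vacation:
  driver = pipe
  path = /usr/local/sbin
  restrict_to_path
  command = site-vacation $local_part

local_delivery:
  driver = appendfile
  file = /var/mail/$local_part
  group = mail
  mode = 0660
```

On the client hosts the daemon is started only as a queue runner (no `-bd`), so there is no SMTP listener to relay through, and a single `manualroute` router sends every message to the hub.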