Re: [Exim] Re: Arrgh! Spammers

Author: Dave C.
Date:  
To: Andromeda
CC: Exim
Subject: Re: [Exim] Re: Arrgh! Spammers
On Fri, 4 Jan 2002, Andromeda wrote:

> At 00:09 04/01/2002 +0000, you wrote:
> > >The only _right_ way to do security on anything that sends email from a
> > >web HTTP form POSTing, is to severely limit what addresses it can mail
> > >*TO*, for instance, by making and maintaining a list of authorized
> > >recipients. When a customer wants to add a form to their site, they have
> > >to have the desired recipient address added to your list..
>
> This is a definite. You can fix the lookuphost router as follows:
Hrm. Our site has done this by actually modifying formmail itself to do
the recipient checks, and give an error on failure.. It will
automatically allow any recipient in the same domain as the website it
is called on, plus we can add specific senders to a text file..

We don't currently allow third-party CGI, so no problem there..


> lookuphost:
>    driver = lookuphost
>    transport = smtp
>    senders = "!@@lsearch;/usr/local/exim/local/nullsenders"

>
> You can then add this to the file "/usr/local/exim/local/nullsenders":
>
> hostname: user1 : user2 : user3 : user4 : nobody : [...]
>
> Since your script is restricted to the nobody user (or the httpd user or
> whatever, which you add to your file), the above will fail the email if the
> To: is non-local.


This will only work if your webserver and your mailserver are the same
machine ;)

>
> This is one way to stop abuse from the nobody@[hostname] address, or any
> other system users that could be abused to spam from your hosts. Since
> webscripts are usually used to send something to a local account, the
> restrictions are perfect.
>
> Andromeda
>
>
> --
>
> ## List details at http://www.exim.org/mailman/listinfo/exim-users Exim details at http://www.exim.org/ ##
>
>


--
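As an added example (not code from this thread, from formmail, or from Exim), the following Python sketch shows the two checks the thread discusses: a recipient allowlist of the kind Dave describes in the modified formmail (any address in the site's own domain, plus entries from a text file), and a parser for the "hostname: user1 : user2" file that the quoted `senders = "!@@lsearch;..."` restriction reads, so you can see which envelope senders would be kept off the remote router. All file contents, domains, addresses and function names are constructed for the example; Exim's own lookup code is not used.

```python
import re

# Constructed stand-in for /usr/local/exim/local/nullsenders.
# Format follows the quoted example: domain, then colon-separated local parts.
NULLSENDERS = """\
# domain: local parts that must not reach the remote (lookuphost) router
www.example.com: nobody : apache : daemon
mail.example.com: nobody
"""

# Constructed stand-in for the extra-recipients text file Dave mentions.
ALLOWED_RECIPIENTS = """\
# one bare address per line
sales@partner.example.org
support@example.net
"""

# One bare addr-spec, nothing else: no display names, no commas, no newlines.
ADDR_RE = re.compile(r"[A-Za-z0-9._+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")


def parse_nullsenders(text):
    """Return {domain: set(local_parts)} from a @@lsearch-style file.

    Keys and local parts are lowercased here (assumption for the example;
    Exim's own case handling is not reproduced).
    """
    table = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        domain, _, rest = line.partition(":")
        parts = {p.strip().lower() for p in rest.split(":") if p.strip()}
        table[domain.strip().lower()] = parts
    return table


def sender_blocked(sender, table):
    """True if this envelope sender matches the file, i.e. the router with
    senders = !@@lsearch;<file> would be skipped for it."""
    local, _, domain = sender.rpartition("@")
    return local.lower() in table.get(domain.lower(), set())


def load_allowlist(text):
    """Set of lowercased addresses from the extra-recipients file."""
    return {
        line.strip().lower()
        for line in text.splitlines()
        if line.strip() and not line.lstrip().startswith("#")
    }


def recipient_allowed(recipient, site_domain, allowlist):
    """Allow one clean address in the site's own domain or on the allowlist.

    Anything that is not a single bare addr-spec (multiple addresses,
    header-injection attempts with newlines, display names) is rejected.
    """
    addr = recipient.strip().lower()
    if not ADDR_RE.fullmatch(addr):
        return False
    domain = addr.rpartition("@")[2]
    return domain == site_domain.lower() or addr in allowlist


def check_recipients(recipients, site_domain, allowlist):
    """Return the list of rejected recipients; the form mailer should refuse
    to send at all (and report an error) if this list is non-empty."""
    return [r for r in recipients if not recipient_allowed(r, site_domain, allowlist)]


if __name__ == "__main__":
    table = parse_nullsenders(NULLSENDERS)
    print("nobody@www.example.com blocked:", sender_blocked("nobody@www.example.com", table))
    allow = load_allowlist(ALLOWED_RECIPIENTS)
    form_targets = ["webmaster@www.example.com", "victim@elsewhere.example"]
    print("rejected:", check_recipients(form_targets, "www.example.com", allow))
```

The recipient check is deliberately strict about syntax as well as destination: a form field that smuggles a second address or a folded header line fails `ADDR_RE.fullmatch` before the domain is even considered, which is the failure mode that turns a contact form into an open relay.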