Add the nobody alias to remove the issue of giving up the alias to
people (check the list archives for info on that) and restrict posts to
subscribed users.
Jeff Graves
Customer Support Engineer
Image Source, Inc.
10 Mill Street
Bellingham, MA 02019
508.966.5200 X31 - Phone
508.966.5170 - Fax
jeff@image-src.com - Email
-----Original Message-----
From: majordomo-users-owner@greatcircle.com
[mailto:majordomo-users-owner@greatcircle.com]On Behalf Of Richard Welty
Sent: Friday, May 17, 2002 8:11 AM
To: majordomo-users@greatcircle.com
Subject: Re: Securing Majordomo
On Fri, 17 May 2002 00:25:03 -0400 kirk Bailey <idiot1@netzero.net> wrote:
> It is indeed insecure.
>
> all lists have an outbound alias, as
> listname-outgoing::include:/pathtofile/listname
>
> and that alias is totally insecure. 99% of the people using majordomo
> use the exact format of outgoing alias the manual specifies. THAT IS
> EASY TO GUESS. Send a spam to it. See what happens.
>
> As long as you do not use a randomized name for it, and as long as you
> continue sending out messages from majordomo with this technique, you
> will continue to be vulnerable to spamming lists.
this is not completely true.
with some MTAs, it is possible to restrict access to the outbound alias. i
use the stock outbound aliases, but my exim MTA configuration refuses to
let non-local users access them. to my mind, this is better than
arbitrarily changing the name, because of the possibility that the outbound
alias might be exposed or guessed at some point in time. it's true security,
rather than security through obscurity.
i'm sure other modern MTAs have similar access control capabilities, but i
can only speak to exim.
> Another is that it runs as ROOT and being world executable.
??
my installation is as majordomo:majordomo. this is what is more-or-less
stock for majordomo installs.
one you missed: the cookie for confirmation policy, in majordomo.cf (or
foo.cf if you have a foo virtual domain). change this to ensure that folks
can't easily forge subscribes to your confirmed list:
# tune the cookie for subscribe_policy=confirm. Normally this is
# set to $homedir. *Don't* make this something like rand(400),
# the key isn't saved between sessions.
#
# $cookie_seed = "Fiddle, Faddle, Fumble, FooBar" .
# " South Pacific, Walter Winchell, Joe DiMaggio";
$cookie_seed = "Larry, Curly, Moe, Shemp";
richard
--
Richard Welty
rwelty@suespammers.org Averill Park Networking
rwelty@averillpark.net Unix, Linux, IP Network Engineering, Security
rwelty@krusty-motorsports.com
518-573-7592
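As an added illustration (not Majordomo's own code or algorithm, and not written by anyone in this thread), here is a keyed confirmation cookie in Python that models the role $cookie_seed plays in majordomo.cf: the cookie for a subscribe request is an HMAC over list name and address under a secret seed, so only a holder of the seed can produce one that verifies. The list name "foo", the addresses and the seeds are constructed; the two checks at the bottom show why a guessable default seed and a per-process random seed both fail.

```python
import hmac
import hashlib
import secrets

# Hypothetical keyed confirmation cookie modelled on $cookie_seed in
# majordomo.cf; this is NOT Majordomo's actual cookie algorithm.
def make_cookie(seed: str, listname: str, address: str) -> str:
    """Derive the confirmation cookie for (list, address) under a secret seed."""
    msg = f"{listname}\0{address.lower()}".encode()
    return hmac.new(seed.encode(), msg, hashlib.sha256).hexdigest()[:16]

def verify_cookie(seed: str, listname: str, address: str, cookie: str) -> bool:
    """Accept a confirmation only if the cookie was derived under our seed.
    compare_digest avoids leaking the expected value through timing."""
    expected = make_cookie(seed, listname, address)
    return hmac.compare_digest(expected, cookie)

def default_seed_cookie_accepted(private_seed: str, default_seed: str) -> bool:
    """Does a cookie computed under a guessable default seed (e.g. $homedir)
    pass verification under the list's private seed? Should be False."""
    cookie = make_cookie(default_seed, "foo", "victim@example.org")
    return verify_cookie(private_seed, "foo", "victim@example.org", cookie)

def per_process_seed_survives_restart() -> bool:
    """A seed regenerated on every run (the rand(400) anti-pattern) cannot
    verify a cookie issued by the previous run, so legitimate confirmations
    fail. Should be False."""
    seed_run1 = secrets.token_hex(8)   # first majordomo invocation
    cookie = make_cookie(seed_run1, "foo", "alice@example.org")
    seed_run2 = secrets.token_hex(8)   # next invocation, fresh "seed"
    return verify_cookie(seed_run2, "foo", "alice@example.org", cookie)

if __name__ == "__main__":
    SEED = "Larry, Curly, Moe, Shemp"   # constructed; pick your own secret
    c = make_cookie(SEED, "foo", "alice@example.org")
    print("cookie", c, "verifies:", verify_cookie(SEED, "foo", "alice@example.org", c))
    print("default-seed cookie accepted:", default_seed_cookie_accepted(SEED, "/usr/local/majordomo"))
    print("per-run seed verifies after restart:", per_process_seed_survives_restart())
```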