> >I've done it, too. I use outgoing aliases of the form
> >majordomo-outgoing-listname, symlink the .qmail file to the list, and put a
> >call to a validation checker at the front of the list so that only majordomo
> >can send stuff to the list. Works pretty nicely, gets VERP automatically.
>
> Problems: you need to have subscriber lists which qmail likes (meaning,
> strip=yes, not always palatable).
Yup, happens not to be a problem here.
> And you have an open hole through which
> one can mail stuff to your list without going through resend's checks.
Nope, that's what the validation checker does -- it bounces the message if
it's not coming from the majordom account, i.e., resend. Qmail's protection
model works well here -- all the ~majordom/.qmail-xxx files belong to
majordom and all the programs run from them are run as majordom, so I have a
nice little protection domain wrapped around all the majordomo stuff. Unlike
the usual sendmail hack, the outgoing list address isn't considered secret.
> Also, you need to give qmail a "paternalism" setting of mode 000 because
> (on some systems at least) you can't make symlinks go-w, so qmail goes
> "uhoh, .qmail writeable".
The ~majordom/.qmail-xxx symlink and the list file both belong to majordom,
which is the user under whose ID the relay happens. No inter-user symlinks,
no protection problems.
> With my script you get verps automatically too,
> it's just a command-line argument to qmail-inject.
Sounds great until your list gets big.
Regards,
John Levine, johnl@iecc.com, Primary Perpetrator of "The Internet for Dummies",
Information Superhighwayman wanna-be, http://iecc.com/johnl, Sewer Commissioner
Finger for PGP key, f'print = 3A 5B D0 3F D9 A0 6A A4 2D AC 1E 9E A6 36 A3 47
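
One way a validation checker like the one described in this message could be written, as an added example that is not the author's script (the post does not show it). It assumes the check is made on the Received line that qmail-queue stamps on top of every message it accepts; the uid 501 and the script path in the comments are constructed.

```shell
#!/bin/sh
# Hypothetical checker for the first line of a list's .qmail file, e.g.
#   |/home/majordom/bin/check-injector 501      (path and uid are constructed)
# qmail-local feeds the message on stdin. Exit 0 lets delivery go on to the
# next .qmail line; exit 100 is a permanent failure, so the message bounces.

# check_injector UID: read a message on stdin and succeed only if its topmost
# header line is qmail-queue's stamp for a local injection by that uid.
check_injector() {
    # The uid to compare against must be purely numeric.
    case "$1" in
        ''|*[!0-9]*) return 100 ;;
    esac
    # Only the first line is trusted: qmail-queue prepends it itself, so any
    # Received lines further down may have been supplied by the sender.
    IFS= read -r first || return 100
    printf '%s\n' "$first" |
        grep -Eq "^Received: \(qmail [0-9]+ invoked by uid $1\); " || return 100
    return 0
}

# Run as a delivery filter only when a uid argument is given; with no
# arguments the file just defines the function.
if [ "$#" -eq 1 ]; then
    check_injector "$1" || {
        echo "This address only accepts mail injected by the list software."
        exit 100
    }
    exit 0
fi
```

Mail arriving over SMTP carries `invoked from network` in that top line, so a forged `invoked by uid` line lower in the headers does not pass.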