Delivery Behavior
Rob Siemborski
rjs3 at andrew.cmu.edu
Tue May 11 12:22:17 EDT 2004
On Mon, 10 May 2004 ms419 at freezone.co.uk wrote:
> The "[cyr]deliver" manpage explains that if delivery is attempted to a
> mailbox, "user.userid.mailbox", and "... the ACL on any such
> mailbox does not grant the sender the "p" right ... then delivers to
> the INBOX for the userid, regardless of the ACL on the INBOX."
>
> If delivery is attempted to any other mailbox, and "... the ACL on
> mailbox does not grant the sender the "p" right, the delivery fails."
>
> In my experience, if delivery is attempted to a mailbox,
> "user.userid.mailbox", and the mailbox doesn't exist, delivery is also
> instead made to the INBOX for the userid.
>
> Instead of delivery failing or being made to the INBOX, I need
> nonexistent mailboxes to be created. A patch for Sieve exists to do
> this - http://email.uoa.gr/projects/cyrus/autosievefolder/ - but I'm
> not using Sieve.
>
> I think a configuration option concerning what to do with messages
> which couldn't be delivered would be great; reject them, deliver to an
> INBOX, or create the missing mailbox.
>
> I've been through the Cyrus code endeavoring to implement this, but I'm
> not an experienced developer. Is the code to by default deliver
> messages to an INBOX in "[cyr]deliver" or "lmtpd"?
deliver is an lmtp client, so the code is in lmtpd.
However, I need to strongly stress that you very carefully consider the
security implications of what you are proposing here -- if you were to
configure cyrus to do this, then an attacker can easily create many
thousands of mailboxes in short order. Creating a mailbox is a
substantially more expensive operation than just delivering a message, and
it can have much longer-term impact on the system (keep in mind that
mailboxes.db is, essentially, a global lock -- and if you dump tens of
thousands of entries into it, it will take longer to process to respond to
LIST commands and so on).
-Rob
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Rob Siemborski * Andrew Systems Group * Cyert Hall 207 * 412-268-7456
Research Systems Programmer * /usr/contributed Gatekeeper
---
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
More information about the Info-cyrus
mailing list