Security impact of lmtpd with pre-auth
Pascal Gienger
Pascal.Gienger at uni-konstanz.de
Thu Jul 9 01:05:16 EDT 2009
Nikolaus Rath schrieb:
> But unless I have some exotic filtering and/or rate limiting configured,
> he can do exactly the same thing by connecting to localhost:smtp, or
> invoking sendmail directy, can't he? So why the additional protection
> for lmtp?
Imagine a Cyrus Box only accepting LMTP connections, no sendmail, no
Postfix, no other SMTP MTA running on it.
Then imagine a frontend smtp relay delivering directly via LMTP over TCP
to your Cyrus box. You can use lmtp auth then to prevent other machines
from directly delivering mails via lmtp.
Pascal
--
Pascal Gienger
University of Konstanz, IT Services Department ("Rechenzentrum")
Electronic Communications and Web Services
Building V, Room V404, Phone +49 7531 88 5048, Fax +49 7531 88 3739
More information about the Info-cyrus
mailing list