Hi!
I submit outbound mail through ofmipd with John R. Levine's SMTP AUTH
patch[1]. (The service is available on the network only via stunnel.) It
runs, like qmail-smtpd, as qmaild.
I'm wanting to run submitted messages through custom filters before
injecting them into the queue. Since this SMTP AUTH patch includes the
QMAILQUEUE patch, no problem there.
Problem is, I'm wanting the custom filters to run as the authenticated
user.
I'm thinking I want to make ofmipd more like qmail-pop3d by extracting
the SMTP AUTH code out of ofmipd into a new "ofmipup" program (analogous
to qmail-popup) that runs as root, calls checkpassword, and execs ofmipd
as the authenticated user for the remainder of the "OFMIP" conversation,
thereby ensuring that custom filters run as that user.
Is this architecture reasonable? In other words, since this is port 587,
not port 25, is it reasonable to reject other SMTP commands (again,
analogous to qmail-popup) until authentication has completed?
Thanks,
- Amitai
[1] http://qmail.gurus.org/mess822-smtp-auth-patch.txt
I submit outbound mail through ofmipd with John R. Levine's SMTP AUTH
patch[1]. (The service is available on the network only via stunnel.) It
runs, like qmail-smtpd, as qmaild.
I'm wanting to run submitted messages through custom filters before
injecting them into the queue. Since this SMTP AUTH patch includes the
QMAILQUEUE patch, no problem there.
Problem is, I'm wanting the custom filters to run as the authenticated
user.
I'm thinking I want to make ofmipd more like qmail-pop3d by extracting
the SMTP AUTH code out of ofmipd into a new "ofmipup" program (analogous
to qmail-popup) that runs as root, calls checkpassword, and execs ofmipd
as the authenticated user for the remainder of the "OFMIP" conversation,
thereby ensuring that custom filters run as that user.
Is this architecture reasonable? In other words, since this is port 587,
not port 25, is it reasonable to reject other SMTP commands (again,
analogous to qmail-popup) until authentication has completed?
Thanks,
- Amitai
[1] http://qmail.gurus.org/mess822-smtp-auth-patch.txt