Home page logo
/

nanog logo nanog mailing list archives

[no subject]
From: matthew () scruz net (Matthew Kaufman)
Date: Tue, 15 Jul 1997 18:38:31 +0000

Original message <Pine.BSI.3.96.970715210717.373B-100000 () duncan nac net>
From: Alex Rubenstein <alex () nac net>
Date: Jul 15, 21:07
Subject: 



has anyone hacked QMail or Sendmail so that it could act as a mail server
without actually having accounts on it?

Yes.


The idea that I have is that when a user gets mail (ala SMTP connection   
coming in), or the user checks mail (ala POP connection coming in), the   
mail server (Qmail, Sendmail, whatever) could make an ODBC/SQL call to a  
NT Server running MS-SQL (doesn't really matter, as it is a pure ODBC 
call). Has anyone done anything like this?  Just curious. Thanks in 
advance. Pointers would be good also.

We have a modified:
   sendmail
   mail.local
   popd

all of which verify accounts against our internal database (same one
which handles Radius queries and which the web/ftp server uses to do 
authentication and transfer limit quotas... in our case, a custom-written 
database package that keeps local copies of all of the data, and can read
it in a single disk seek, so there's no problems if the network to the 
database server is ill)

there's only about a dozen lines of code in each (usually the fastest 
solution is to have a routine which accesses the database, and then fills
in a fake passwd struct as would be returned by getpwent)

nice thing is that you can build in things like "allow mail to arrive,
but return special failure code when user connects to pop server" to
deal with "customer exists but hasn't paid for >45 days", and even more
clever... "forward this mail to this other address for 30 days, and then
bounce thereafter"

only hint to be had is that even though it feels like modifying mail.local
should be enough, sendmail ALSO checks to see if the user exists on the
system before asking mail.local to do the delivery, so you need to hack both
of them.

we've investigated making the same hacks to both MMDF and qmail, and these
appear to be equally trivial.

-matthew kaufman
 matthew () scruz net




  By Date           By Thread  

Current thread:
  • [no subject] Matthew Kaufman (Jul 16)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault