From: markus schnalke <meillo@marmaro.de> To : <masqmail@marmaro.de> Date: Thu, 08 Jul 2010 11:04:37 +0200
Finally, I reply ...
[2010-05-31 00:15] Alberto González Palomo <alberto@matracas.org>
> markus schnalke wrote: (30/05/10 21:54)
> > [2010-05-30 14:53] Juergen Daubert <jue@jue.li>
> >[...]
> >> That means pipe remains the only method to detect online status?
> >
> > Yes, that's what I have in mind.
> >[...]
> >> But is the additional code needed for
> >> the file method that large? It's more effort to create a script and
> >> might be less secure as well.
> >
> > I think it would be good to not specify a executable file for
> > online pipe but a command line. It could still be the path to an
> > executable file then, but also something like:
> >
> > online pipe = "cat /some/file"
> > or
> > online pipe = "echo foo"
I have to correct that it needs to be `/bin/cat /some/file' and
`/bin/echo foo', because absolute program paths are required. (I
documented this now too.)
> Reading from the file excludes the possibility of launching the
> wrong executable, either by mistake or as part of an attack.
I see no difference if one writes `/some/file' or `/bin/cat
/some/file'.
Another way would be to have:
query online = "/some/textfile"
and
query online = "|/some/script params"
(This will break compatibility, of course, but I intend to do so in
the 0.3 branch. `query online' is a symbolic name for this future
option that would replace `online detect' and `online {file,pipe}'.)
> I'd prefer to have the file method just the same as it's now.
> I've been using it since 2000, copying the configuration files
> from one computer to the next. :-)
Habits should be no arguments, as they don't tell anything about the
quality of a solution. Further more, it is possible to add a script
that converts a configuration to the new format. And generally: If one
want's to keep things as they are, he should stay on the 0.2 branch.
The 0.3 branch will be the new *developement* branch. I plan to ignore
compatibility stuff mostly there.
> > @all: If you run them on your computers, please let me know if they
> > went well.
>
> Since one year ago I'm using the version packaged with Ubuntu,
> but I'll see if I get the courage to install this version during the
> week.
> I even used it for several years in MacOS X (10.2, 10.3 and 10.5)
> after doing a few changes around "make install", and it worked well.
Thanks for sharing this information.
> Last year I lost some messages, apparently because masqmail could
> not write somewhere.
I should check that. Masqmail should return failure codes in the SMTP
session if it was not able to spool the message. Similar, it should
return an error when invoked locally. Perhaps it already does so ...
> I'm not sure yet what was the cause, but one thing
> that gave me error messages was that the directory "/var/run/masqmail"
> did not exist. I got "could not write pid file: No such file or directory".
> After creating the directory manually it all worked fine again,
> but there was also a software update in MacOS X which is why I'm not
> sure whether that was the issue or not.
The pid file directory should just be a bonus. Everything should work
well without it ... at least in theory. ;-)
> About other features, one "problem" I have is that masqmail
> has been running fine for so long that I don't remember which features
> I'm using. :-)
:-) Thanks.
> Looking at masqmail's configuration files I see the old "get.*",
> the "connect route.*" entries (22 of them, for different places) and
> the online file="/tmp/connect route"
> In the route file I use now I have auth name, auth login,
> auth secret, do correct helo, and wrapper (for openssl).
Could you send me your route file (with private data removed)? I'm
especially interested in the wrapper stuff.
> In the others I have mail host, map return path addresses,
> last route, and expand h sender domain.
Could you please explain in what way you need last route?
meillo