Re: Last Call: draft-hutzler-spamops (Email Submission: Access and Accountability) to BCP
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Last Call: draft-hutzler-spamops (Email Submission: Access and Accountability) to BCP
On Sun, 10 Jun 2007, Tony Finch wrote:
On Fri, 8 Jun 2007, Stephane Bortzmeyer wrote:
Side note: on Unix, will cron be forced to authenticate to send emails
at 2 am? :-)
cron sends email by invoking sendmail, which knows the user that invoked
it. authentication is therefore automatic and has been the norm for ever.
Sendmail does not authenticate automatically or otherwise. What it does
is to use as RFC2821 MAIL FROM account of the user that invoked it or
when "-f" option is used puts out account of the user in the trace data.
This is not authentication, this is reporting of the user data, so its
like you connecting to open relay mail system and that system properly
puts in Received line with ip address of where you connected from and then
forward your email without checking if you're allowed to relay or not.
Now in theory you could say that properly setup unix system should not
allow access to sendmail (by means of user/group permissions) for
those unix accounts that should not have access to it. In practice such
precise security policies & permissions are almost unheard of.
--
William Leibzon
Elan Networks
william at elan.net
_______________________________________________
Ietf mailing list
Ietf at ietf.org
https://www1.ietf.org/mailman/listinfo/ietf
Note Well: Messages sent to this mailing list are the opinions
of the senders and do not imply endorsement by the IETF.
Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.
