Stuart Henderson wrote:
> i've just committed a modified version.
thanks.
> it would be better if smtpd's sendmail(8) interface was compatible with
> traditional behaviour really.
Ideally, yes, but I don't think it's practical. It is not a simple patch
by any means. Postfix implements `sendmail -bs` however it was done with
extreme care, there appears to be numerous security considerations taken.
If no one has asked for it in the over 10 years smtpd has been around, is
it really needed, or safe to say it's legacy cruft and good riddance?
The flaw in sendmail(8) is its approach to Sendmail compatibility:
> To maintain compatibility with Sendmail, Inc.'s implementation of
> sendmail, various other flags are accepted, but have no effect.
Some options imply very different behavior, so to swallow and ignore
all command-line options seems very wrong. Ideally, there should be a
whitelist of legacy options that are deemed okay to ignore if smtpd is
invoked as `sendmail`. All other options should return an error to the
caller because it implies a broken interface.
No comments:
Post a Comment