

[EnGarde] pop-before-smtp daemon

From: Marcus Redivo (mredivo_at_<censored>)
Date: 2002-08-08 18:39:24

Hello Ryan and list,

I have written a pop-before-smtp daemon in C, which I am testing now before
I make it publicly available for download. I would like to get comments on
the architecture I have chosen from those more knowledgeable than me.

So far, it works like a charm, and uses very few resources. If no-one points
out a problem, it is almost ready to post for download. What remains is a
security audit; buffer overflows, dealing with malicious input, etc. This
was kept in mind while writing the code, but another look after the fact is
always good.

Background (I know, I know, most of you don't need it...):

Mail servers are usually configured to deny relaying mail unless it
originates on the local network, or is destined for a local user. When a
user travels, they are no longer on the local network, so the server refuses
to relay their mail. Basic SMTP has no identification/authorization
capabilities that the mail server can trust, so the user is out of luck.

However, when the user _retrieves_ mail via POP, that is an authentication
we can trust. All we need to do is capture the user's current IP address,
and then permit relaying from that IP address for a limited length of time;
problem solved. The program I wrote does just that.

Here's how it works:

As a source of login information, I have added a new destination pipe to my
syslog-ng configuration. My program listens on this pipe, and responds to
logins by writing entries to a hash DB checked by Postfix. It also wakes up
when the oldest entry reaches its expiry time, and deletes the entry from
the hash DB. This repeats indefinitely.

Here is the syslog-ng additional configuration:

destination spop3 { pipe("/var/log/spop3.log"); };
filter f_spop3 { match("stunnel"); };
log { source(src); filter(f_spop3); destination(spop3); };

I created the pipe with mkfifo, mode "prw-------". The entries that appear
on it are of the form

Aug 6 14:10:11 spruce stunnel[27983]: spop3 connected from
Aug 6 14:10:12 spruce stunnel[27983]: Connection closed: 136 bytes sent to
SSL, 36 bytes sent to socket

I ignore all lines except the ones containing "spop3 connected from", and
extract the IP address and timestamp from them.

All the rest is just programming. My questions:

-- If my daemon stops for any reason, what happens to the data that
syslog-ng writes to the pipe? Can this cause syslog to block, or otherwise
hang the system?

-- Would it be better to use a unix-stream (mode "srw-------")? I can't even
find out how to create one of these in the file system, let alone compare
tradeoffs with what mkfifo creates.

(Note: while I have a long history of (non-MS) programming, I have only
recently become exposed to UNIX. Too bad it took so long...)

All comments/pointers are welcome, as are expressions of interest in using
it. (You may want to respond off-list, to keep traffic down.)

Thanks in advance,
Marcus Redivo

The Binary Tool Foundry
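
The line-filtering step described in the message, written with the "malicious input" audit in mind. This is an added example, not part of the original post and not the author's daemon code. Assumptions: the function names are hypothetical, only IPv4 is handled, and the "address:port" tail after "connected from" is assumed because the sample line in the post omits it.

```c
#include <arpa/inet.h>
#include <stdio.h>
#include <string.h>

#define TAG    "stunnel["
#define MARKER "]: spop3 connected from "
/* Skip n space-separated fields; a run of spaces is one separator. */
static const char *skip_fields(const char *p, int n)
{
    while (n-- > 0) {
        p += strcspn(p, " ");
        p += strspn(p, " ");
    }
    return p;
}

/* Returns 1 and fills ip_out for a stunnel POP login line carrying a valid
 * IPv4 address; returns 0 for every other line, including malformed ones. */
int parse_pop_login(const char *line, char ip_out[INET_ADDRSTRLEN])
{
    /* "Mon D HH:MM:SS host" is four fields; the program tag must come next,
     * so marker text inside another program's message is not accepted. */
    const char *p = skip_fields(line, 4);
    if (strncmp(p, TAG, sizeof(TAG) - 1) != 0)
        return 0;
    p += sizeof(TAG) - 1;
    p += strspn(p, "0123456789");               /* pid */
    if (strncmp(p, MARKER, sizeof(MARKER) - 1) != 0)
        return 0;
    p += sizeof(MARKER) - 1;
    size_t len = strcspn(p, ": \t\r\n");        /* stop at port or EOL */
    if (len == 0 || len >= INET_ADDRSTRLEN)
        return 0;                               /* reject, never truncate */
    char buf[INET_ADDRSTRLEN];
    memcpy(buf, p, len);
    buf[len] = '\0';
    struct in_addr addr;
    if (inet_pton(AF_INET, buf, &addr) != 1)
        return 0;                               /* not a dotted quad */
    /* Re-render from binary so only canonical text becomes the DB key. */
    return inet_ntop(AF_INET, &addr, ip_out, INET_ADDRSTRLEN) != NULL;
}
int main(void)
{
    char ip[INET_ADDRSTRLEN];   /* the line below is constructed sample input */
    puts(parse_pop_login("Aug  6 14:10:11 spruce stunnel[27983]: "
            "spop3 connected from 192.0.2.44:1057", ip) ? ip : "(ignored)");
    return 0;
}
```

The syslog-ng filter match("stunnel") passes any message containing that word, so the tag check here is what keeps another program's message text from opening a relay window. Anything able to log under the stunnel tag itself can still add an address, so the scheme rests on the integrity of the log path.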


This archive was generated by hypermail 2.1.6 on 2005-11-05 00:15:03 PST