I have set up an email-to-fax gateway using procmail as a filter to grep
out the faxing information from the body and/or header of the e-mail.
Things work well; however, I would like to increase the security of the
system somewhat. I would appreciate some recommendations in this regard.

I have considered comparing the return-path of the e-mail against a fax
user-list. How easy is it to falsify the return-path? (Quite simple, I'm sure.)

I have considered comparing both the return-path of the e-mail and a
PASSWORD: body line against a fax user-password-list. The PASSWORD: line
entry is a bit more hassle than I'd like, but if it helps security... My
concern is with someone else intercepting the e-mail and using the password
to their advantage.

Can the username (sedded from the return-path) and password be compared
against the UNIX username and password list? Probably not, especially
since the rc file is being run in a non-root user mode (the uid of the
fax-bound mail account).

Thanks.
Lee Howard
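
The check described in the post (Return-Path plus a PASSWORD: body line compared against a fax user list), as an added example that is not part of the original message. It is written as a filter that a procmail recipe could pipe the message to. The user list, addresses, PBKDF2 parameters and sample message are all constructed assumptions. Return-Path reflects the SMTP envelope sender, which the sending client chooses, so the address match only identifies a claimed sender, and the password line is the only actual secret.

```python
import hashlib
import hmac
from email import message_from_string
from email.utils import parseaddr

ITERATIONS = 200_000  # assumed PBKDF2 work factor

def hash_password(password, salt):
    """Salted PBKDF2-SHA256 so the user list never stores cleartext passwords."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)

# Constructed fax user list: address -> (salt, password hash). Hypothetical entry.
FAX_USERS = {
    "alice@example.com": (b"salt-a", hash_password("correct horse", b"salt-a")),
}

# Constructed sample message, as the gateway account might receive it.
SAMPLE = (
    "Return-Path: <alice@example.com>\n"
    "To: fax@gateway.example\n"
    "\n"
    "PASSWORD: correct horse\n"
    "Please fax this text.\n"
)

def extract_credentials(raw):
    """Return (return-path address, PASSWORD: value or None) from a raw message."""
    msg = message_from_string(raw)
    _, addr = parseaddr(msg.get("Return-Path", ""))
    body = "" if msg.is_multipart() else msg.get_payload()
    password = None
    for line in body.splitlines():
        if line.startswith("PASSWORD:"):
            password = line[len("PASSWORD:"):].strip()
            break
    return addr.lower(), password

def authorize(raw, users=FAX_USERS):
    """True only if the sender is listed and the PASSWORD: line matches."""
    addr, password = extract_credentials(raw)
    # Hash even for unknown senders so timing does not reveal who is listed.
    salt, expected = users.get(addr, (b"none", b""))
    matches = hmac.compare_digest(hash_password(password or "", salt), expected)
    return matches and password is not None and addr in users

if __name__ == "__main__":
    print("accepted" if authorize(SAMPLE) else "rejected")
```

Hashing the list protects the stored passwords only; the PASSWORD: line still travels in cleartext inside the message, so it does not address interception in transit.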