mw-list-spf-discuss(_at_)csi(_dot_)hu wrote:
> Under qmail, the local delivery agent is qmail-local. It is the one
> handling aliases (.qmail aka .forward files). It is run as the user
> whose email it delivers. How is it going to see the server's secret?

I'm not developing a qmail SRS implementation, but I do use qmail, so
perhaps I can try to shed some light on this. From what I understand of
SRS, I would think that it would be handled somewhere around
qmail-queue, not qmail-local. Incoming bounces that are SRS encoded
would be decoded somewhere around qmail-queue before it hands the
message off to qmail-local for local delivery. Also, messages would be
SRS encoded around the same place before they are handed off to
qmail-remote for external delivery. This way, only the UID that
qmail-queue is running as would need access to the SRS secrets, not the
users themselves. It's been a while since I actually delved into the
qmail flowchart so I could be forgetting something here about the way
the components operate, so take this scenario with a grain of salt.
---
Dustin D. Trammell
Vulnerability Remediation Alchemist
Citadel Security Software, Inc.
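
Added example, not part of the original message and not code from qmail or any SRS library: a simplified SRS0-style rewrite in Python showing that both encoding an outgoing sender and decoding an incoming bounce need the same server secret, which is why the question of which UID can read it matters. The hash length, the hex day counter, the 21-day window, the sample secret and all function names are assumptions made for this sketch.

```python
import hashlib
import hmac

# Constructed sample secret. In a deployment it would be read from a file
# that only the UID doing the rewriting can open (assumption of this sketch).
SECRET = b"constructed-example-secret"
HASH_LEN = 8  # assumption: truncated hex tag


def _tag(secret, ts, domain, local):
    """Truncated HMAC over the fields an outsider must not be able to forge."""
    msg = "=".join((ts, domain.lower(), local)).encode()
    return hmac.new(secret, msg, hashlib.sha256).hexdigest()[:HASH_LEN]


def srs_encode(secret, sender, forwarder_domain, day):
    """Rewrite local@domain before the message is handed on for remote delivery."""
    local, _, domain = sender.rpartition("@")
    ts = format(day % 1024, "03x")  # day counter, wraps every 1024 days
    return f"SRS0={_tag(secret, ts, domain, local)}={ts}={domain}={local}@{forwarder_domain}"


def srs_decode(secret, address, today, max_age=21):
    """Return the original sender of a bounce recipient, or raise ValueError."""
    local_part, _, _ = address.rpartition("@")
    if not local_part.upper().startswith("SRS0="):
        raise ValueError("not an SRS0 address")
    try:
        tag, ts, domain, local = local_part[5:].split("=", 3)
        age = (today - int(ts, 16)) % 1024
    except ValueError:
        raise ValueError("malformed SRS0 address") from None
    expected = _tag(secret, ts, domain, local)
    # Constant-time comparison; fails for anyone who lacks the secret.
    if not hmac.compare_digest(tag.encode(), expected.encode()):
        raise ValueError("bad hash: not generated with this server's secret")
    if age > max_age:
        raise ValueError("expired SRS address")
    return f"{local}@{domain}"


if __name__ == "__main__":
    rewritten = srs_encode(SECRET, "alice@example.org", "forwarder.example", 19000)
    print(rewritten)
    print(srs_decode(SECRET, rewritten, 19005))
```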