On Fri, 2004-02-20 at 14:52, Dustin D. Trammell wrote:
I'm not developing a qmail SRS implementation, but I do use qmail, so
perhaps I can try to shed some light on this. From what I understand of
SRS, I would think that it would be handled somewhere around
qmail-queue, not qmail-local. Incoming bounces that are SRS encoded
would be decoded somewhere around qmail-queue before it hands the
message off to qmail-local for local delivery. Also, messages would be
SRS encoded around the same place before they are handed off to
qmail-remote for external delivery. This way, only the UID that
qmail-queue is running as would need access to the SRS secrets, not the
users themselves. It's been a while since I actually delved into the
qmail flowchart so I could be forgetting something here about the way
the components operate, so take this scenario with a grain of salt.
A patch (against Qmail) will be available in libsrs beta 0.2 which is on
its way out the door shortly.
Cheers,
James
--
James Couzens,
Programmer
-----------------------------------------------------------------
http://libspf.org -- ANSI C Sender Policy Framework library
http://libsrs.org -- ANSI C Sender Rewriting Scheme library
-----------------------------------------------------------------
PGP: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xBD3BF855