docs/diploma

changeset 263:5d3da729351a

excluded some text parts
author meillo@marmaro.de
date Wed, 14 Jan 2009 21:32:44 +0100
parents 20abea94c9b6
children 691c08400988
files thesis/pieces/masqmail-sendmail-replacement.tex thesis/pieces/new-queue-permissions.txt
diffstat 2 files changed, 70 insertions(+), 0 deletions(-)
line diff
     1.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     1.2 +++ b/thesis/pieces/masqmail-sendmail-replacement.tex	Wed Jan 14 21:32:44 2009 +0100
     1.3 @@ -0,0 +1,14 @@
     1.4 +Hence it must be secure enough. It either needs the security features or must drop the unsecure funtionality. The second option, however, leads to being \emph{no} replacement for other \MTA{}s. It is a valid decision to not be a replacement for \sendmail\ or thelike, but this is a design decision---the change of a primary goal.
     1.5 +
     1.6 +If \masqmail\ should be an \MTA\ to replace others, a switch to a better suited architecture that provides good security and extendability by design, seems required. But if \masqmail\ is wanted to cover some special jobs, not to replace common \MTA{}s, then its architecture depends on the special requirements of the specific job; \MTA\ architectures, like discussed by \person{Hafiz}, may be inadequate.
     1.7 +
     1.8 +What future is to choose for \masqmail---one to be a full featured \MTA, or one to be a stipped down \MTA\ for special jobs?
     1.9 +
    1.10 +The critical point to discuss upon is surely the listening on a port to accepte messages from outside via \NAME{SMTP} (herafter also refered to as the \NAME{SMTP}-in channel). This feature is required for an \MTA\ to be a \name{smart host}, to relay mail. But running as deamon and listening on a port requires much more security effort, because the program is put in direct contact with attackers and other bad guys.
    1.11 +
    1.12 +\MTA{}s without \SMTP-in channels can not receive mail from arbitrary outside hosts. They are only invoked by local users. This lowers the security need a lot---however, security is a general goal and still required, but on a lower level. Unfortunately, as they do not receive mail anymore (except by local submission), they are just better \name{forwarders} that are able to send mail directly to the destination.
    1.13 +
    1.14 +This is not what \masqmail\ was intended to be. Programs that cover this purpose are available; one is \name{msmtp}.
    1.15 +
    1.16 +\masqmail\ shall be a complete \mta. It shall be able to replace ones like \sendmail.
    1.17 +
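Review bot: Macro usage is inconsistent within this new file: line 1.16 uses \mta where every other line uses \MTA, and line 1.12 writes \SMTP-in where line 1.10 writes \NAME{SMTP}-in. Unless \mta and \SMTP are defined elsewhere, use \MTA and \NAME{SMTP} throughout. The piece also opens at 1.4 with "Hence it must be secure enough", so "it" has no antecedent in this file; name \masqmail\ explicitly so the fragment can be read on its own. Spelling to fix before this text goes back into the thesis: "unsecure funtionality" and "thelike" (1.4), "stipped" (1.8), "accepte", "herafter", "refered" and "deamon" (1.10). The sentence at 1.12 says that dropping the SMTP-in channel "lowers the security need a lot"; it would help to say which need remains for a program that is still invoked by local users, since the text only states that security is "still required, but on a lower level".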
     2.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     2.2 +++ b/thesis/pieces/new-queue-permissions.txt	Wed Jan 14 21:32:44 2009 +0100
     2.3 @@ -0,0 +1,56 @@
     2.4 +\begin{tabular}[hbt]{ l l }
     2.5 +
     2.6 +\mbox{ queue-in:} & \mbox{
     2.7 +\begin{tabular}[hbt]{| c | c | c |}
     2.8 +	\hline
     2.9 + incoming & outgoing & pool \\
    2.10 +	\hline
    2.11 +	\hline
    2.12 + - & - & - \\
    2.13 +	\hline
    2.14 + 0600 & - & - \\
    2.15 +	\hline
    2.16 + 0600 & - & 0600 \\
    2.17 +	\hline
    2.18 + 0700 & - & 0600 \\
    2.19 +	\hline
    2.20 +\end{tabular}
    2.21 +} \\
    2.22 +
    2.23 +\quad & \\
    2.24 +
    2.25 +\mbox{scanning:} & \mbox{
    2.26 +\begin{tabular}[hbt]{| c | c | c |}
    2.27 +	\hline
    2.28 + incoming & outgoing & pool \\
    2.29 +	\hline
    2.30 +	\hline
    2.31 + 0700 & - & 0600 \\
    2.32 +	\hline
    2.33 + 0700 & 0600 & 0600 \\
    2.34 +	\hline
    2.35 + 0700 & 0700 & 0600 \\
    2.36 +	\hline
    2.37 + - & 0700 & 0600 \\
    2.38 +	\hline
    2.39 +\end{tabular}
    2.40 +} \\
    2.41 +
    2.42 +\quad & \\
    2.43 +
    2.44 +\mbox{queue-out:} & \mbox{
    2.45 +\begin{tabular}[hbt]{| c | c | c |}
    2.46 +	\hline
    2.47 + incoming & outgoing & pool \\
    2.48 +	\hline
    2.49 +	\hline
    2.50 + - & 0700 & 0600 \\
    2.51 +	\hline
    2.52 + - & 0700 & - \\
    2.53 +	\hline
    2.54 + - & - & - \\
    2.55 +	\hline
    2.56 +\end{tabular}
    2.57 +} \\
    2.58 +
    2.59 +\end{tabular}
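Review bot: The three tables (queue-in, scanning, queue-out) give no legend, so a reader cannot tell what "-", 0600 and 0700 stand for or that the rows are meant as successive states. Add a caption or a sentence saying what each row is, and in particular what the change from 0600 to 0700 in the incoming column (2.16 to 2.18) and in the outgoing column (2.33 to 2.35) signals, since that transition appears to carry the meaning of the whole scheme. Separately, the optional argument of tabular is a vertical alignment (t, b or c), not a float placement, so \begin{tabular}[hbt] at 2.4, 2.7, 2.26 and 2.45 does not do what it suggests; drop the argument, or wrap the outer tabular in a table environment if float placement is wanted. The file contains LaTeX but is named new-queue-permissions.txt, while the other piece in this changeset uses .tex; a consistent extension would make it easier to include.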