Mercurial > docs > diploma

changeset 263:5d3da729351a

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
excluded some text parts
author meillo@marmaro.de
date Wed, 14 Jan 2009 21:32:44 +0100
parents 20abea94c9b6
children 691c08400988
files thesis/pieces/masqmail-sendmail-replacement.tex thesis/pieces/new-queue-permissions.txt
diffstat 2 files changed, 70 insertions(+), 0 deletions(-) [+]
line wrap: on
line diff
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/thesis/pieces/masqmail-sendmail-replacement.tex	Wed Jan 14 21:32:44 2009 +0100
@@ -0,0 +1,14 @@
+Hence it must be secure enough. It either needs the security features or must drop the unsecure funtionality. The second option, however, leads to being \emph{no} replacement for other \MTA{}s. It is a valid decision to not be a replacement for \sendmail\ or thelike, but this is a design decision---the change of a primary goal.
+
+If \masqmail\ should be an \MTA\ to replace others, a switch to a better suited architecture that provides good security and extendability by design, seems required. But if \masqmail\ is wanted to cover some special jobs, not to replace common \MTA{}s, then its architecture depends on the special requirements of the specific job; \MTA\ architectures, like discussed by \person{Hafiz}, may be inadequate.
+
+What future is to choose for \masqmail---one to be a full featured \MTA, or one to be a stipped down \MTA\ for special jobs?
+
+The critical point to discuss upon is surely the listening on a port to accepte messages from outside via \NAME{SMTP} (herafter also refered to as the \NAME{SMTP}-in channel). This feature is required for an \MTA\ to be a \name{smart host}, to relay mail. But running as deamon and listening on a port requires much more security effort, because the program is put in direct contact with attackers and other bad guys.
+
+\MTA{}s without \SMTP-in channels can not receive mail from arbitrary outside hosts. They are only invoked by local users. This lowers the security need a lot---however, security is a general goal and still required, but on a lower level. Unfortunately, as they do not receive mail anymore (except by local submission), they are just better \name{forwarders} that are able to send mail directly to the destination.
+
+This is not what \masqmail\ was intended to be. Programs that cover this purpose are available; one is \name{msmtp}.
+
+\masqmail\ shall be a complete \mta. It shall be able to replace ones like \sendmail.
+
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/thesis/pieces/new-queue-permissions.txt	Wed Jan 14 21:32:44 2009 +0100
@@ -0,0 +1,56 @@
+\begin{tabular}[hbt]{ l l }
+
+\mbox{ queue-in:} & \mbox{
+\begin{tabular}[hbt]{| c | c | c |}
+	\hline
+ incoming & outgoing & pool \\
+	\hline
+	\hline
+ - & - & - \\
+	\hline
+ 0600 & - & - \\
+	\hline
+ 0600 & - & 0600 \\
+	\hline
+ 0700 & - & 0600 \\
+	\hline
+\end{tabular}
+} \\
+
+\quad & \\
+
+\mbox{scanning:} & \mbox{
+\begin{tabular}[hbt]{| c | c | c |}
+	\hline
+ incoming & outgoing & pool \\
+	\hline
+	\hline
+ 0700 & - & 0600 \\
+	\hline
+ 0700 & 0600 & 0600 \\
+	\hline
+ 0700 & 0700 & 0600 \\
+	\hline
+ - & 0700 & 0600 \\
+	\hline
+\end{tabular}
+} \\
+
+\quad & \\
+
+\mbox{queue-out:} & \mbox{
+\begin{tabular}[hbt]{| c | c | c |}
+	\hline
+ incoming & outgoing & pool \\
+	\hline
+	\hline
+ - & 0700 & 0600 \\
+	\hline
+ - & 0700 & - \\
+	\hline
+ - & - & - \\
+	\hline
+\end{tabular}
+} \\
+
+\end{tabular}