Inkampani ye-Qualys
Inkinga ibangelwa iphutha kukhodi eletha imeyili kuseva yemeyili ekude (hhayi kukhodi ephethe ukuxhumana okungenayo). Ukuhlasela kungenzeka kokubili ohlangothini lweklayenti futhi ohlangothini lweseva. Ngasohlangothini lweklayenti, ukuhlasela kungenzeka ekucushweni okuzenzakalelayo kwe-OpenSMTPD, lapho i-OpenSMTPD yamukela izicelo kuphela ku-interface yenethiwekhi yangaphakathi (localhost) futhi ithumela imilayezo yemeyili kumaseva angaphandle. Ukuze kuxhashazwe ubungozi, kwanele ukuthi, phakathi nokulethwa kwencwadi, i-OpenSMTPD isungula iseshini ngeseva yemeyili elawulwa umhlaseli, noma ukuthi umhlaseli angakwazi ukungena ekuxhumekeni kweklayenti (i-MITM noma ukuqondisa kabusha ngesikhathi sokuhlaselwa nge-DNS noma i-BGP. ).
Ngokuhlaselwa kohlangothi lweseva, i-OpenSMTPD kufanele ilungiselelwe ukuthola izicelo zenethiwekhi yangaphandle ezivela kwamanye amaseva wemeyili noma inikeze izinsizakalo zezinkampani zangaphandle ezikuvumela ukuthi uthumele isicelo ku-imeyili engafanele (ngokwesibonelo, amafomu okuqinisekisa ikheli kumawebhusayithi). Isibonelo, umhlaseli angaxhuma kuseva ye-OpenSMTPD futhi athumele incwadi engalungile (kumsebenzisi ongekho), okuzoholela empendulweni ethumela incwadi enekhodi yephutha (i-bounce) kuseva yomhlaseli. Umhlaseli angasebenzisa ubungozi lapho i-OpenSMTPD ixhumeka ukuze ilethe isaziso kuseva yomhlaseli. Imiyalo yegobolondo ejovwe ngesikhathi sokuhlasela ifakwa efayeleni elenziwa ngamalungelo ezimpande lapho i-OpenSMTPD iqalwa kabusha, ngakho umhlaseli kufanele alinde i-OpenSMTPD ukuthi iqale kabusha noma iqalise ukuphahlazeka kwe-OpenSMTPD ukuze kuqedelwe ukuhlasela.
Inkinga ikhona kumsebenzi we-mta_io() kukhodi yokuhlaziya impendulo yemigqa eminingi ebuyiswe yiseva eyirimothi ngemva kokusungulwa koxhumano (isibonelo, "250-ENHANCEDSTATUSCODES" kanye "250 HELP"). I-OpenSMTPD ibala ukuthi umugqa wokuqala uhlanganisa inombolo enezinhlamvu ezintathu nombhalo ohlukaniswe ngohlamvu “-“, futhi umugqa wesibili uqukethe inombolo enezinhlamvu ezintathu nombhalo ohlukaniswe yisikhala. Uma inombolo enezinhlamvu ezintathu ingalandelwa yisikhala nombhalo emugqeni wesibili, isikhombi esisetshenziselwa ukuchaza umbhalo sisethwa kubhayithi elandela uhlamvu lwe-'\0' futhi kwenziwa umzamo wokukopisha idatha elandela isiphetho. yomugqa ungene kusigcinalwazi.
Ngesicelo sephrojekthi ye-OpenBSD, ukushicilelwa kwemininingwane mayelana nokuxhashazwa kokuba sengozini kubambezelekile kuze kube umhla zingama-26 kuFebhruwari ukuze kuvunyelwe abasebenzisi ukuthi babuyekeze amasistimu abo. Inkinga ibikhona ku-codebase kusukela ngoDisemba 2015, kodwa ukuxhashazwa ngaphambi kokukhishwa kwekhodi ngamalungelo ezimpande kwenzeke kusukela ngoMeyi 2018. Abacwaningi balungiselele i-prototype esebenzayo yokuxhashazwa, ehlolwe ngempumelelo ku-OpenSMTPD yakhela i-OpenBSD 6.6, i-OpenBSD 5.9, i-Debian 10, i-Debian 11 (ukuhlola) ne-Fedora 31.
Ku-OpenSMTPD futhi
Inkinga iwumphumela wokuqedwa okungaphelele
Kuyaphawuleka ukuthi ku-Fedora 31 ukuba sengozini kukuvumela ukuthi uthole ngokushesha amalungelo eqembu lempande, njengoba inqubo ye-smtpctl ifakwe ifulegi lempande ye-setgid, esikhundleni sefulegi le-setgid smtpq. Ngokufinyelela eqenjini lempande, ungabhala phezu kokuqukethwe kwe/var/lib/sss/mc/passwd futhi uthole ukufinyelela okugcwele kwempande ohlelweni.
Source: opennet.ru