Re: Sanitizer & IMAP anyone?

From: Dave Cridland (
Date: Wed 10 Apr 2002 - 10:14:45 UTC

  • Next message: mark david mcCreary: "why does Anomy remove the body of a plain text message ?"

    On Mon, 2002-04-08 at 16:02, Brian Schonecker wrote:
    > ...considering moving my company's primary email access to IMAP server.
    > Anyone using sanitizer/IMAP?
    > So far, I've been able to get the IMAP server to start but my mail delivery
    > location is in $HOME and I want to 'chroot' it to $HOME/mail so that users
    > cannot access their $HOME files. This is a Linux server that is used only
    > for mail access and doesn't allow logins from the outside (other than
    > console).
    > Anyone doing this already? Caveats?

    If you're using a sealed server anyway, then Cyrus IMAPd is your friend.
    It's significantly faster than the UW implementation, but that's because
    it's optimised for IMAP delivery. Normal UNIX mail tools will *not*
    work. Users don't exist on a system level, and so don't even *have* a
    home directory. Good, eh? The server does no setuid stuff, and needs no
    root access. (Actually there's a packaged inetd/cron equivalent which
    uses root access to listen on POP3, IMAP, and LMTP ports, but this
    really isn't a big deal.)

    Unfortunately, it's also optimised for LMTP delivery - I believe that
    Exim can handle this, as can Sendmail (which I normally use).

    Procmail can receive emails through LMTP, but I'm not so certain about
    sending through LMTP. Besides which, procmail would only be used for
    firing off the sanitizer, since Cyrus uses SIEVE standard filtering
    scripts for sorting and filtering email which I can actually understand
    (unlike procmail. And given I understand sendmail's cf format, I'm not
    100% certain this is entirely me being stupid).

    In order to eliminate procmail, and hopefully make things faster, I
    knocked together a LMTP (And (E)SMTP) filtering version of Sanitizer,
    which I dutifully slung URLs on the list for. Since nobody seemed
    interested, I've plonked that on the back burner, and it definitely
    contains bugs, from what I remember. I did used to use it, but dropped
    it some time ago due to lack of need for any sanitization at all.

    It's still available on
    somewhere (First item, in fact.). I apologise in advance for the "fully
    configurable source code" mentality - as I say, nobody else was
    interested anyway, so I've more or less shelved the project until I need
    it again.

    I may rewrite it sometime soon, as I'm working on yet another email
    project which probably will end up using the Sanitizer, but in the
    meantime, if you're interested, then let me know and I may work up some
    enthusiasm for it again. :-)


    hosted by