[rt-users] Return or Reply address issues
Bruce Campbell
bruce_campbell at ripe.net
Thu Jan 31 03:26:40 EST 2002
On 30 Jan 2002, Jim Meyer wrote:
> Pardon my creative rearranging of replies for readability:
>
> On Wed, 2002-01-30 at 17:04, RT2 Troubles wrote:
> > On January 30, 2002 04:39 pm, Bruce Campbell wrote:
nearly 2am my time mind ;)
> > > MTA (sendmail most likely) problem. See 'Trusted User' in MTA
> > > configuration, and add 'www-data' to it if required.
> >
> > [...] It's the last step that won't work because they are replying to
> > mail that is from "www-data at rt.foo.com".
>
> Right. Bruce was pointing out that it's a problem with your Mail
> Transport Agent (MTA) not trusting the apache user (www-data) and
> therefore not allowing the apache user to send mail with headers
> claiming to be some other user (support at rt.foo.com).
>
> He was suggesting that you check out how to add the apache user to your
> MTA's trusted users, which would solve your problem.
This does have some problems in the long term, in that *any* process
running as www-data (ie, from your web server) can send mail masquarading
as any address. ( I'm not that good with long explanations when I'm
excessively tired ;) ).
With the latest spate of spam mail spewing forth from web -> email scrips,
having your web server with this ability isn't something you want to
operate an exposed web server with.
Its better, imo, to run the RT web server as a seperate user, as this
contains any problems.
--
Bruce Campbell RIPE
Systems/Network Engineer NCC
www.ripe.net - PGP562C8B1B Operations
More information about the rt-users
mailing list