0

Currently I am running a before-queue milter script (written in Java), and I see that Postfix is communicating with the milter in plain text via a socket connection. Is there a way to protect this with some transport security?

1 Answer

2

Postfix should be (and by default in all distros I know, is) set up in such a way that every socket is only accessible by Postfix and the respective milter.

While some *nix systems do not implement access permissions on socket files, setting them on the directory (the socket is contained in) is sufficient on most systems.

$ postconf smtpd_milters
smtpd_milters = local:/mymilter/mymilter.sock

$ ls -ld /var/spool/postfix/mymilter
drwxr-x--- mymilter postfix 4096 Dec 1 2017 /var/spool/postfix/mymilter

$ su nobody -s /bin/sh -c 'ls /var/spool/postfix/mymilter'
ls: cannot open directory '/var/spool/postfix/mymilter': Permission denied

$ su mymilter -s /bin/sh -c 'ls /var/spool/postfix/mymilter'
mymilter.sock

Unauthorized users cannot access the folder the socket is in. The data transmitted over such sockets is therefore securely transported.

Further transport security mechanisms are not necessary, unless you otherwise make available methods of investigating local sockets to untrusted users - you should not.

anx
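The directory check from the answer above, turned into a repeatable audit; this is an added example, not part of the original answer. It assumes GNU or BusyBox `stat`, a chrooted smtpd (so the `smtpd_milters` path is relative to the queue directory, as in the session above), and the function names are hypothetical.

```sh
#!/bin/sh
# Added example, not from the answer. Assumes GNU or BusyBox stat(1) and a
# chrooted smtpd, so socket paths are relative to the Postfix queue directory.

# milter_socket_dir SPEC QUEUE_DIR
# Print the directory holding the socket named in one smtpd_milters entry.
milter_socket_dir() {
    case $1 in
        unix:/*|local:/*) path=${1#*:} ;;
        *) echo "not a UNIX-domain socket milter: $1" >&2; return 2 ;;
    esac
    dirname "$2$path"
}

# audit_socket_dir DIR [OWNER] [GROUP]
# Return 0 only if DIR grants nothing to "other" and, when OWNER and GROUP are
# given, is owned as expected. Every finding is printed.
audit_socket_dir() {
    dir=$1 rc=0
    [ -d "$dir" ] || { echo "FAIL $dir: not a directory"; return 1; }
    meta=$(stat -c '%a %U %G' "$dir") || return 1
    mode=${meta%% *}; rest=${meta#* }
    owner=${rest% *}; group=${rest#* }
    if [ $(( 0$mode & 07 )) -ne 0 ]; then
        echo "FAIL $dir: mode $mode grants access to other"; rc=1
    fi
    if [ -n "${2:-}" ] && [ "$owner" != "$2" ]; then
        echo "FAIL $dir: owner is $owner, expected $2"; rc=1
    fi
    if [ -n "${3:-}" ] && [ "$group" != "$3" ]; then
        echo "FAIL $dir: group is $group, expected $3"; rc=1
    fi
    [ "$rc" -eq 0 ] && echo "OK   $dir: mode $mode, $owner:$group"
    return "$rc"
}

# Demo on a constructed tree standing in for the queue directory.
q=$(mktemp -d) && mkdir "$q/mymilter" && chmod 750 "$q/mymilter"
d=$(milter_socket_dir local:/mymilter/mymilter.sock "$q")
audit_socket_dir "$d"            # passes: rwxr-x---
chmod 755 "$q/mymilter"
audit_socket_dir "$d" || true    # fails: other can list and enter
rm -rf "$q"
```

On a live host the two arguments can come from `postconf -h smtpd_milters` (one entry at a time) and `postconf -h queue_directory`, with `mymilter` and `postfix` passed as the expected owner and group.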