From owner-freebsd-questions@FreeBSD.ORG  Sat Dec 15 11:44:15 2007
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 881D116A41B
	for <freebsd-questions@freebsd.org>;
	Sat, 15 Dec 2007 11:44:15 +0000 (UTC)
	(envelope-from gerard@seibercom.net)
Received: from an-out-0708.google.com (an-out-0708.google.com [209.85.132.249])
	by mx1.freebsd.org (Postfix) with ESMTP id 468A513C4E7
	for <freebsd-questions@freebsd.org>;
	Sat, 15 Dec 2007 11:44:15 +0000 (UTC)
	(envelope-from gerard@seibercom.net)
Received: by an-out-0708.google.com with SMTP id c14so453723anc.13
	for <freebsd-questions@freebsd.org>;
	Sat, 15 Dec 2007 03:44:14 -0800 (PST)
Received: by 10.100.194.17 with SMTP id r17mr9394522anf.92.1197719054302;
	Sat, 15 Dec 2007 03:44:14 -0800 (PST)
Received: from ?192.168.1.102? ( [67.189.206.211])
	by mx.google.com with ESMTPS id h15sm18237184wxd.2007.12.15.03.44.12
	(version=TLSv1/SSLv3 cipher=RC4-MD5);
	Sat, 15 Dec 2007 03:44:12 -0800 (PST)
Date: Sat, 15 Dec 2007 06:44:22 -0500
From: Gerard <gerard@seibercom.net>
To: freebsd-questions@freebsd.org
Organization: Seibercom.net
In-Reply-To: <BMEDLGAENEKCJFGODFOCCEDICFAA.tedm@toybox.placo.com>
References: <200712142357.07080.wundram@beenic.net>
	<BMEDLGAENEKCJFGODFOCCEDICFAA.tedm@toybox.placo.com>
X-Face: "\j?x](l|]4p?-1Bf@!wN<&p=$.}^k-HgL}cJKbQZ3r#Ar]\%U(#6}'?<3s7%(%(gxJxxcR
	nSNPNr*/^~StawWU9KDJ-CT0k$f#@t2^K&BS_f|?ZV/.7Q
Message-Id: <20071215064304.2209.A38C9147@seibercom.net>
MIME-Version: 1.0
Content-Type: text/plain; charset="US-ASCII"
Content-Transfer-Encoding: 7bit
X-Mailer: Becky! ver. 2.44 [en]
Subject: Re: Suggestions please for what POP or IMAP servers to use
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: freebsd-questions@freebsd.org
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 15 Dec 2007 11:44:15 -0000

> On December 14, 2007 at 11:25PM Ted Mittelstaedt wrote:

[ snip ]

> It is dangerous to put any webmail application on a mailserver
> for a couple reasons.  First it is possible for users of the
> app (assuming the app has the ability to save mail) to overflow
> directories on the mailserver.  However more seriously, any
> www application is always subject to security issues - a hole in
> the application, even if the apache version your using is secure -
> allows spammers to relay through your mailserver.  Mailservers are
> of course, the most desired of spam relays.

If you are using Postfix, placing the following in the 'main.cf' file can
significantly reduce the potential regarding relaying from Apache. Of course,
insure that the group is correct.

    authorized_submit_users = !www, static:all


-- 
Gerard