Re: Majordomo and EXPN

Christopher M. Conway (cmconwa@SANDIA.GOV)
Wed, 22 Oct 1997 10:25:27 -0600

This is actually correctable by putting the arguments for resend into a file...
local users could still get at the data (potentially) by grabbing the
file if it's not protected, but remote users can't. You still have the
problem that someone could conceivably guess the actual alias that you're
using-- but that problem exists regardless. At any rate, you can see what
I mean from my system. It's not online right now (periodic connections to
the net), but you'll see something like this from an expn:

expn mylist
250 <"|/usr/local/mail/majordomo/wrapper resend @mylist.resend"@myhost.com>
expn mylist-outgoing
550 mylist-outgoing... User unknown
expn mylist-code1389110-outgoing
250 .... the whole list of subscribers ...

(Since my system isn't online right now, I can't verify that this is *exactly*
what it looks like, nor the exact syntax for resend, but it's something
like that).

mylist.resend actually has the arguments including the actual outgoing alias.
So, you'd have to guess that the actual outgoing address has that arbitrary
stuff in it (-code1389110-)-- which is exactly how I cobble up those addresses.
(not that exactly, of course, but it's similar.)

Now, I've got to fix something in sendmail, however, that puts that address
(the actual outgoing alias) in the headers of the messages-- so once someone
subscribes, they *could* get access to the whole list.

(Note: these lists are run from my own domain, not sandia.)

--
Christopher M. Conway           U*IX and C Guru         Don't Tread on Me
cmconwa@sandia.gov              wombat@prickly-wombat.com
We must all hang together, or, most assuredly, we will all hang separately.
I'll be post-feminist in the post-patriarchy.
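
An added example, not part of the original post: a small audit of a sendmail aliases file for the two exposures discussed above, resend arguments left inline where EXPN reveals the outgoing alias, and an outgoing alias that follows the predictable <list>-outgoing pattern. The sample aliases are constructed, and the list names, paths and the inline "-l" argument form are assumptions based on the usual Majordomo alias layout.

```python
import re

# Constructed sample aliases file (not from the original post); the layout
# follows the common Majordomo convention and the names are hypothetical.
SAMPLE_ALIASES = '''\
# weak: resend arguments inline, predictable outgoing alias
oldlist: "|/usr/local/mail/majordomo/wrapper resend -l oldlist oldlist-outgoing"
oldlist-outgoing: :include:/usr/local/mail/majordomo/lists/oldlist
# hardened as described in the post: arguments in a file, arbitrary alias
mylist: "|/usr/local/mail/majordomo/wrapper resend @mylist.resend"
mylist-code1389110-outgoing: :include:/usr/local/mail/majordomo/lists/mylist
'''

def parse_aliases(text):
    """Return {alias: expansion}, joining continuation lines, skipping comments."""
    aliases, current = {}, None
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        if line[0] in " \t" and current:          # continuation line
            aliases[current] += " " + line.strip()
            continue
        name, _, value = line.partition(":")
        current = name.strip().lower()
        aliases[current] = value.strip()
    return aliases

def audit(text):
    """List (alias, issue) pairs for what a remote EXPN would give away."""
    aliases, findings = parse_aliases(text), []
    for name, value in aliases.items():
        m = re.search(r"\bwrapper\s+resend\s+([^\"]*)", value)
        if not m:
            continue                               # not a resend pipe alias
        args = m.group(1).split()
        if not any(a.startswith("@") for a in args):
            findings.append((name, "resend arguments inline; EXPN shows outgoing alias"))
        if name + "-outgoing" in aliases:
            findings.append((name, "predictable alias %s-outgoing expands to subscribers" % name))
    return findings

if __name__ == "__main__":
    for alias, issue in audit(SAMPLE_ALIASES):
        print("%s: %s" % (alias, issue))
```

The audit covers only what a remote EXPN exposes; the permissions on the @file and the outgoing alias appearing in message headers, both mentioned in the post, need separate checks.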