[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [msmtp-users] How to make msmtp trust a specific certificate (not a CA certificate, not a self-signed one)



On Mon, 08. Feb 2010, 20:40:52 +0100, Marcus C. Gottwald wrote:
> I may add that there seems to be a (small, theoretical) risk
> with the way command-line arguments are treated: At least
> "--tls-fingerprint" can be given multiple times, and the value
> of the last one supersedes the value of previous ones. Since
> "Mutt" wants to add "-f <envelopefrom>", "--" can't be used to
> tell "msmtp" that only recipients' email addresses are supposed
> to follow, and there might be a chance that someone could make
> me send an email addressed to "--host=mail.badguy.com
> --tls-fingerprint=...", so that the bad guy gets a chance to
> sniff my password.

That is always a problem when '--' is not used, even if the options can
only be given once.

But my version of Mutt adds '--' itself: the arguments to the configured
sendmail command are '-f marlam@...23... -- <recip1> <recip2>...'.
And every program that builds a sendmail command line from untrusted
input should do the same. Furthermore, mail addresses are even allowed
to start with '-', so the '--' is needed to recognize these.

Martin