| Anonymous | Login | 2024-11-21 05:23 MST |
| Main | My View | View Issues | Change Log | Roadmap | Repositories |
| View Issue Details [ Jump to Notes ] | [ Issue History ] [ Print ] | ||||||||
| ID | Project | Category | View Status | Date Submitted | Last Update | ||||
| 0020391 | ClearCenter | app-clearglass - ClearGLASS Engine | public | 2018-06-20 01:20 | 2018-06-20 07:51 | ||||
| Reporter | NickH | ||||||||
| Assigned To | |||||||||
| Priority | normal | Severity | minor | Reproducibility | always | ||||
| Status | closed | Resolution | duplicate | ||||||
| Platform | OS | OS Version | |||||||
| Product Version | 7.4.0 Updates | ||||||||
| Target Version | Fixed in Version | ||||||||
| Summary | 0020391: Handle the SMTP Trusted Network in a user friendly and mainatinable way | ||||||||
| Description | Currently to enable ClearGLASS to send e-mails, ClearGLASS just adds the subnet 172.16/12 to the mynetworks parameter in /etc/postfix/main.cf when only a /16 subnet is needed. Also, from the way it is done, it appears to the sysop in the Webconfig SMTP Trusted Networks as a normal subnet he may have added and it risks deletion by the sysop. Added to this, the ClearOS recommended SMTP security model is to use user/pass authentication and not use Trusted networks, yet here we have suddenly trusted the whole 172.16/12 address space which may also cover some of the normal LAN subnets. The subnet is not programatically maintainable as it may also have been added by the sysop. There is a very simple alternative. Add a parameter to /etc/postfix/main.cf e.g. clearglassnetwork and set it to the ClearGlass subnet which can be derived from the br-????? interface. Then append ", $clearglassnetwork" to mynetworks in /etc/postfix/main.cf and reload postfix. This way clearglassnetwork is programatically maintainable. It also shows in the webconfig as "$clearglassnetwork" so it is clear to the sysop that it is a special parameter and the webconfig still functions without any modification (I have tested it). This change can be taken one step further. Currently the SMTP Webconfig hides the loopback subnets. It could also be made to hide any parameter beginning with $ | ||||||||
| Tags | No tags attached. | ||||||||
| Attached Files | |||||||||
 Relationships |
|||||||
|
|||||||
 Relationships |
|
Notes |
|
|
(0007581) user2 2018-06-20 07:51 |
This overlaps with the feature request in 0019311. Ultimately, any app - not just ClearGLASS - should be able to request outbound mail services from the Postfix SMTP mail system. The 0019311 implementation will likely mimic the SDN infrastructure for mail services. Due to the nature of constantly changing IPs in a cloud environment, the SDN implementation is based on service accounts (username/password) instead of IP addresses . |
|
Notes |
|
Issue History |
|||
| Date Modified | Username | Field | Change |
| 2018-06-20 01:20 | NickH | New Issue | |
| 2018-06-20 07:51 | user2 | Note Added: 0007581 | |
| 2018-06-20 07:51 | user2 | Relationship added | duplicate of 0019311 |
| 2018-06-20 07:51 | user2 | Status | new => resolved |
| 2018-06-20 07:51 | user2 | Resolution | open => duplicate |
| 2018-06-20 07:51 | user2 | Assigned To | => user2 |
| 2018-06-20 07:51 | user2 | Status | resolved => closed |
| 2018-06-20 07:51 | user2 | Assigned To | user2 => |
|
Issue History |