On Tue, Jul 25, 2000 at 09:30:41AM -0700, Aaron L. Meehan wrote:
! Quoting Chris, the Young One ([EMAIL PROTECTED]):
! > ! How do I allow this to happen, if I dont know the IP address of
! > ! the user wishing to relay??
!
! Yikes, I see I will have to modify my quoted text regexp. Oh, the
! heck with it... I'm not putting an exclamation mark in it.
Yikes, I see I will have to modify my quote margin. Oh the heck with
it... I'm not changing it to a greater-than sign. :-)
What I use:
set quote_regexp="^([ \t]*[|>:}!])+"
(I've taken out ``#'', which is in the default setting, because # is
used so often in script files that people occasionally attach.)
! A malicious individual who has control over his reverse DNS could then
! also relay mail via your server. Assuming you're not checking IP
! addresses in "paranoid" mode, of course. A low risk, to be sure, as
! most spammers are clueless. Something to think about, though, since
! it's not always just plain ol' spammers that spam.
That brings back memories of the legendary DJB v. WZV thread on bugtraq.
To wit:
http://www.securityfocus.com/templates/archive.pike?list=1&[EMAIL PROTECTED]
Anyway, I second your point above. I use ``paranoid'' mode for SMTP and
other services for which I ``need'' the reverse DNS. At least tcpserver
doesn't drop connections where the paranoid test fails; it simply unsets
TCPREMOTEHOST.
---Chris K.
--
Chris, the Young One |_ heartbleed (OpenBSD/i386) has now been up for
Auckland, New Zealand |_ all of 28 days, 02:26:08
http://cloud9.hedgee.com/ |_
PGP: 0xCCC6114E/0x706A6AAD |_
