On Thursday, October 24, 2002, at 04:30 PM, Nathan Neulinger wrote:
As near as I can tell from the courier auth*vchkpw.c code, it only
triggers either the vset_lastauth or the open_smtp_relay() routines
BEFORE authentication.
What good is that?
Two problems -
1. The way it calls vset_lastauth
As near as I can tell from the courier auth*vchkpw.c code, it only
triggers either the vset_lastauth or the open_smtp_relay() routines
BEFORE authentication.
What good is that?
Two problems -
1. The way it calls vset_lastauth in the pre* code means that you can
have a denial of service r
