Jack L. Stone said: > Ed, your info about Formmail is not correct and is very stale. In fact > there are more than 2 Million users and the security hole was patched. That > doesn't mean that some have not kept up to date and don't know about the > breach of security caused by using the older versions and those older ones > are most likely the ones you are receiving. The newer versions of formmails > cannot be sent from any other domain but the authorized host nor to any > other recipients but the one designated by the authorized host.
Jack -- last time I looked (Jan 2002) there was still a few sizeable holes in FormMail big enough to drive a tank through -- I cowrote an advisory about it. It looks safer with the current version (1.91), but I'd strongly recommend people use NMS Formmail instead, it's definitely secure. --j. ------------------------------------------------------- This SF.NET email is sponsored by: Take your first step towards giving your online business a competitive advantage. Test-drive a Thawte SSL certificate - our easy online guide will show you how. Click here to get started: http://ads.sourceforge.net/cgi-bin/redirect.pl?thaw0027en _______________________________________________ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
