lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Thu, 17 Jul 2003 12:12:31 +0000 From: Uwe Ohse <uwe@...e.de> To: qmail@...t.cr.yp.to, bugtraq@...urityfocus.com Subject: Re: possible open relay hole in qmail-smtpd-auth patch On Wed, Jul 16, 2003 at 04:48:18PM -0400, Valdis.Kletnieks@...edu wrote: > Actually, it is *quite* legal to reply a '250 OK' on something that > will eventually the patch (qmail-1.03-jms1-antispam.patch) replies with 250, even though it already knows that the message will _not_ reach the recipient and will _not_ be bounced. It knows that the message is being sent to /dev/null. Sorry for being unclear. Regards, Uwe
Powered by blists - more mailing lists