lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
From: szalkai at 2fkft.com (Akos Szalkai) Subject: Re: Strange from address Hi James, > If you insert the following string into the mail from: field #@[] it > appears to by pass the mx check and replys ok. if you read the qmail manpages (addresses(5) specifically), you can see that this a qmail extension: this is the envelope sender of a double bounce. What I fail to see however, is that how it can be a security problem. It is not very difficult to generate envelope senders that pass your mx check anyway. Regards, Akos -- Akos Szalkai <szalkai@...hu> IT Consultant, CISA 2F 2000 Szamitastechnikai es Szolgaltato Kft. Tel: (+36-1)-4887700 Fax: (+36-1)-4887709 WWW: http://www.2f.hu/
Powered by blists - more mailing lists