li...@datenritter.de writes:
> Maybe scrap the whole thing. Use backticks to feed the email to a Perl > script that safely parses headers.Okay... the beforementioned problems left aside, what is the advantage?
You can safely implement the same functionality in Perl itself, instead of executing shell commands, which is difficult to do right without creating security holes.
It's all about a simple regex. IMHO, the beauty of all solutions discussed here is that they use maildropfiler and nothing else.
maildropfilter is fine for simple mail filtering tasks. But it's not Perl.
"At the very least"? Does an external perl script have any security advantage over this?
See above. A Perl script can validate and do a lot more things, all without shelling out to external commands.
pgptsokKIuh6S.pgp
Description: PGP signature
------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
