http://bugzilla.spamassassin.org/show_bug.cgi?id=4550
Summary: [RFE] Add secure user authentication to spamc/spamd
protocol
Product: Spamassassin
Version: SVN Trunk (Latest Devel Version)
Platform: Other
OS/Version: other
Status: NEW
Severity: enhancement
Priority: P5
Component: spamc/spamd
AssignedTo: [EMAIL PROTECTED]
ReportedBy: [EMAIL PROTECTED]
Bug 4546 brought up the issue that spamc -L in the absence of authentication of
the user name opens vulnerabilities. In anticipation of that bug being closed by
making spamd learning disabled by default, to be enabled only in a suitably
secure environment, I'm opening this RFE to discuss how to do spamc -L securely
in less restrictive environments.
My first proposed solution is described in bug 4546 comment 7 but I would be
happy to see ideas that are easier to implement and more lightweight to run.
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
