-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 31 Jan 00, at 16:09, Charles Leeds wrote:
> We were audited and one of the findings was that our qmail server
> allowed addresses with the pipe symbol in them, which was reported in
> our audit as a bad practice.
Why exactly? Unless you stuff the e-mails into sendmail, or unless
you do badly shell expansion, there's no problem; in the latter
case, you have got a problem with addresses containing a
semicolon as well.
> Is there any way to block email addresses (sender or recipient) with
> the pipe symbol in them via configuration files, or would I have to
> patch the code?
You need to patch the code. Perhaps some of the spamcontrol
patches allow this check.
-----BEGIN PGP SIGNATURE-----
Version: PGP 6.0.2 -- QDPGP 2.60
Comment: http://community.wow.net/grt/qdpgp.html
iQA/AwUBOJYKdVMwP8g7qbw/EQLkUACgu93N6wo4vYaUb50OELXUyYGYV5AAoM8h
j0vL7o44xyHR9Fb8vaw6MSFx
=pY1L
-----END PGP SIGNATURE-----
--
Petr Novotny, ANTEK CS
[EMAIL PROTECTED]
http://www.antek.cz
PGP key ID: 0x3BA9BC3F
-- Don't you know there ain't no devil there's just God when he's drunk.
[Tom Waits]
