I was looking at ORBS page about MTAs vulnerabilities and found this
about qmail:
---------------------------------------------------------
Qmail admins: Qmail's current version is insecure by default. Most
admins know enough to follow the instructions for securing it before
putting qmail into service, however it usually drops ORBS test messages
checking for UUCP pathing vulnerabilities - "! pathing" - into the admin
mailbox. As ! is a standard network addressing indicator, this should be
regarded as a Qmail bug.
---------------------------------------------------------
This entry arised 2 questions for me:
1. Isn't there a reasonable (easy?) way to make the default qmail
installation open relay safe?
2. What is this "UUCP pathing vulnerabilities" talk all about? Can it
represent any kind of real trouble no tbeing able to properly process !
as "a standard network addressing indicator"?
Thanks in advance for your attention,
Rodrigo Severo
--
-------------------------------------------
Fábrica de Idéias
sbs - ed. empire center - bl. s - sala 109
cep 70070-904 - brasília-df - brazil
tel: (61) 321 1357
fax: (61) 321 6096
[EMAIL PROTECTED]
-------------------------------------------
