Hi!
I know that this group isnīt about qmail, but maybe someone know about qmails blank rcp to problem, its a big security risk.
It is possible to telnet to a qmail server and do this:
helo
mail from:[EMAIL PROTECTED]
rcpt to:
data
he he here is a delivery failure...you will be flooded with this
.
Se this enable an attacker to use your qmail server to create a flood of delivery failures to the adresse given in mail from:....could be a person you dont like.
How do I disable this? anyone have a solution?
If it can be disable, then i have to skip qmail (to risky to use then)
Other mailservers donīt accept a blank rcpt to:
HELP!
Regards,
Peter Nilsson
- Re: [qmailadmin] rcpt to bounce security risk Peter Nilsson
- Re: [qmailadmin] rcpt to bounce security risk Eero Volotinen
- [qmailadmin] Re: rcpt to bounce security risk Peter Nilsson
- [qmailadmin] Re: rcpt to bounce security risk Peter Nilsson
- Re: [qmailadmin] Re: rcpt to bounce securi... Eero Volotinen
- [qmailadmin] Re: rcpt to bounce secur... Peter Nilsson
- [qmailadmin] Re: rcpt to bounce s... Eero Volotinen
- Re: [qmailadmin] Re: rcpt to bounce securi... Eero Volotinen
- [qmailadmin] Re: rcpt to bounce secur... Peter Nilsson
- Re: [qmailadmin] Re: rcpt to boun... Trey Nolen
- [qmailadmin] Re: rcpt to boun... Peter Nilsson