> > It is possible to telnet to a qmail server and do this: > > helo > mail from:[EMAIL PROTECTED] > rcpt to: > data > he he here is a delivery failure...you will be flooded with this > . > > Se this enable an attacker to use your qmail server to create a flood of > delivery failures to the adresse given in mail from:....could be a person > you dont like. > > How do I disable this? anyone have a solution? > > If it can be disable, then i have to skip qmail (to risky to use then) > > Other mailservers donīt accept a blank rcpt to:
This is not qmailadmin related, but I still help you. You can use this patch http://www.unixpimps.org/software/qregex/ -- Eero
