It really makes no sense posting this here. The qmail mailing list is the place to discuss these concerns. why not do so?
At 08:41 AM 9/16/2003, Peter Nilsson wrote:
I donīt wanīt to start a big discussion but i donīt think you understand the potential risk here.
The reson why i wrote it to this list was also to warn about this issue, its a bad thing that qmail accept this kind of abuse as defaultNo it is not a big security risk.it is a risk that a user can use your mailserver to flood a user on another server, it would be you explaining the angry sysadm at that site what is going on
This is nothing new, this is how SMTP works.
no its not its how qmail works, i have a merak mailserver to (windows box) and it is not accepting a blank rcpt to: and postfix is not either....i like qmail because of tools like qmailadmin and fast webmail as sqwebmail, but my first impression of qmail is that it is an old mailserver software that need an update to fix some small "bugs"
sorry that i post the message in the first place but I was desperate and about to move all users to my merak server because off this issue....
Paul Theodoropoulos http://www.anastrophe.com
