I had some new thoughts on this too. Doesn't using check_delivery leave you open to a phishing attack where the attacker can blast you with pseudo-random 'RCPT To:'s until they find ones that match and then sell your addresses on their CDs? Granted, check_goodrcptto would as well, but in my case I specifically recommend only using it during a joe-job bounce storm. From a quick glance, check_delivery would appear to work daemon-wide, whereas check_goodrcptto is domain-specific. I have alot of virtual hosts and don't need to do all the extra work for every incoming mail.
I haven't read the full source tho, so I could be wrong... -f On Wed, 2 Jun 2004, Guillaume Filion wrote: > "Skaag Argonius" <[EMAIL PROTECTED]> > > They are not very useful plugins if you get your check_delivery plugin to > > work. I host the site/domain Market.com and this is like the PERFECT > domain > > for joe jobs, and ever since I got my check_delivery plugin to work with > my > > setup (vpopmail with mysql), I'm one happy man. > > But for a situation like mine, where qpsmtpd sits on a public server that is > just a private relay to a firewalled qmail box sitting in my basement, > check_delivery does not work. It's true that when you can use > check_delivery, it's better than check_goodrcptto. > > Best, > GFK's > -- > Guillaume Filion, ing. jr > Logidac Tech., Beaumont, Québec, Canada - http://logidac.com/ > PGP Key and more: http://guillaume.filion.org/ > >
