Looks like a bug in the address parser. That's too bad -- I just
rewrote that code! Oh well, I'll get it fixed.
Thanks for reporting this!
-- Sam Clippinger
On 7/11/10 11:11 PM, Chris Boulton wrote:
> Hi folks,
>
> After a recent scan of our servers (having only just deployed
> spamdyke), we'
Hi Shantanu,
It does not - the above can be replicated externally from the server as well.
Regards,
Chris Boulton
Lead Engineer
BigCommerce / Interspire
Email: ch...@bigcommerce.com
Web: http://www.bigcommerce.com
Web: http://www.interspire.com
Australia: +61 2 9262 7770
USA: 1800 939 5570
* Chris Boulton [100712 11:02]:
> Setup is as follows:
>
> ~$ cat /var/qmail/control/rcpthosts
> example.com
>
> ~$ cat /etc/spamdyke/spamdyke.conf
> local-domains-file=/var/qmail/control/rcpthosts
> relay-level=normal
> smtp-auth-level=observe
>
> ~$ telnet localhost smtp
show your tcp.smtp f
Hi folks,
After a recent scan of our servers (having only just deployed
spamdyke), we've discovered what we believe is a security issue with
spamdyke which will allow open relaying.
It looks like the issue has to do with multiple recipients being
specified in the RCPT TO line, and the first recip