On Fri, 11 Feb 2011, Jason Haar wrote: > On 02/11/2011 09:37 AM, Mark Martinec wrote: > > Yes, the security hole is entirely within the milter, > > independent of the MTA. > > > That exploit is dated Mar 2010? Has this really not been fixed in about > a year??? > >
"a year"??, try half-a-decade. I've got a copy of that code from March 2006 and the vulnerability is there. Rather stale project. ;) -- Dave Funk University of Iowa <dbfunk (at) engineering.uiowa.edu> College of Engineering 319/335-5751 FAX: 319/384-0549 1256 Seamans Center Sys_admin/Postmaster/cell_admin Iowa City, IA 52242-1527 #include <std_disclaimer.h> Better is not better, 'standard' is better. B{