On Fri, 24 Jan 1997, Rick Murphy wrote:
> At 03:57 PM 1/24/97 +1100, proff @
suburbia .
net wrote:
> >Last time I looked it only checked rcpt to: et al
> >
> >-Julian <proff @
iq .
org>
> Nope. FWTK 1.3 (November 1994 checks both the envelope and the headers.)
> I haven't looked back farther than that but I suspect that it's always
> verified headers - how else could you protect from
> "Errors-To: | /bin/cat /etc/passwd | .." attacks?
> -Rick
FWIW..
Smtpd can't handle (at least not for me :) swedish characters in
headers, something that is pretty common here in Sweden. Something to do
with isprint, which return zero on the 8-bit iso chars (which made me
pretty surprised, so it might be my fault somehow).
Furthermore it won't accept mail without receiving a HELO, which makes it
fairly unusable with the newest netscape (Communicator) which don't seem
to send it (when using smtpd as SMTP Gateway for NS).
This is of course just my humble experiences; YMPV ('..probably varies' :)
- smapd have been working just fine all the time, although without snappy
messages a la "pleased beyond bladder control".
Calle
References:
|
|
