Great Circle Associates Majordomo-Users
(March 2004)
 


Subject: Re: Security hole
From: Webmaster <webmaster @ bard . net>
Date: Wed, 31 Mar 2004 09:22:20 -0500
To: majordomo-users @ greatcircle . com
In-reply-to: <406AE20D.12965.E90878@localhost>

Actually, I think you are off base here.

It's not Majordomo's responsibility - it's YOUR responsibility. Majordomo 
isn't a mail server. It's a preprocessing engine. It is your mail server 
that does not provide the appropriate level of protection to your clients 
and subscribers. In this modern age of rampant viruses, hacks and trojans, 
anyone running a mail server has to treat the Internet as a HOSTILE 
environment, and configure and run the system accordingly.

I run MIMEDefang and quite a few other pieces of software on all of my 
servers in addition to all the appropriate configurations for Majordomo. 
None of my lists have ever been used to send a virus, or have been 
compromised in the manner described.

The primary problem seems to be twofold:

1. Cheap hosts that provide almost no protection on the servers they sell, 
therefore handing a ticking time bomb to the unsuspecting customer.

2. System administrators who do not truly understand what they are 
administering.

Responsible administration can provide all the protection you'll ever need 
- for free I might add, everything needed is either system configuration or 
software available under the GPL or similar license.

Just my $.02 - ymmv - insert appropriate disclaimers here - please send 
flames to /dev/null

At 03:21 PM 3/31/2004 +0200, you wrote:
><snip>
>This is not the way it should be! Majordomo should protect all aspects 
>regarding sending messages to the list subscribers and this means also 
>protecting the aliases, if the list-owner wishes. I think, a patch is 
>needed, which extends the responsibility of the majordomo. Hit me, bite 
>me, call me by unholy names, but THIS IS A SECURITY HOLE!
<snip>

Michael K Donohue
Webmaster/Sys Admin
Bardic Solutions
http://www.bard.net
webmaster@bard.net 


