[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-users] Re: NeoMail 1.25
- Subject: Re: [cobalt-users] Re: NeoMail 1.25
- From: "Cobalt mailing List" <cobaltlist@xxxxxxxxxxx>
- Date: Sat Sep 22 18:42:26 2001
- List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>
I have noticed this but I do not think this is much of a security risk.
You cannot read that person's mail, nor can you change the settings. If
you want to send out your mail with someone else's email address you can
just do this by changing the from address in your mail application.
Mail which is sent from Neomail has the sender's IP address stamped into
the header. This should deter people.
Regards,
Jason Vaughan
Netergy.com
> I agree I brough this up already and nobody responded.
>
> Joe
>
>
>
> I just installed the NeoMail 1.25 and was testing
> the program and found what I think is a bug.
> John Doe who runs www.site1.com can login via
> another site on the same server (for example
> www.site2.com/neomail/). Then John enters his
> username/password combo (for site1) and he is
> granted access even though he is not associated
> with www.site2.com. It looks like John can now
> send messages as john@xxxxxxxxxx
>
> This seems this might be a security issues to me?
>
> Anyone else notice this?
>
> Thanks,
>
> Andy Robinowitz
> Organic Hosting, LLC
> http://www.organichosting.com
>
> __________________________________________________
> Terrorist Attacks on U.S. - How can you help?
> Donate cash, emergency relief information
> http://dailynews.yahoo.com/fc/US/Emergency_Information/
>
>
>
> --__--__--
>
> _______________________________________________
> cobalt-users mailing list
> cobalt-users@xxxxxxxxxxxxxxx
> http://list.cobalt.com/mailman/listinfo/cobalt-users
>
>
> End of cobalt-users Digest
>
--
Jason Vaughan
Netergy.com
http://www.netergy.com