[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] [OT] [RAQ4] Formmail 1.9

Subject: Re: [cobalt-users] [OT] [RAQ4] Formmail 1.9
From: Larry Smith <lesmith@xxxxxxxxx>
Date: Tue Jun 25 11:19:01 2002
Organization: ECSIS.NET
List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>

INRE RE: [cobalt-users] [OT] [RAQ4] Formmail 1.9:
> It means you end up having a "formmail" for each local "form" (unique
> recipient), but does mean that you are pretty darn secure from violations
> of your forms.

Yes, in the context of someone being able to "use" your forms (more 
specifically the formmail.pl or whatever you call it) to "relay" mail through 
your server to others.

All the "other" parameters within formmail are taken from the 
$FORM{'something'} syntax - while the $mail_to_me or whatever is taken from 
inside the program directly meaning that even if they "know" what name you 
are using (mail_to_me, mail_someone, etc) they cannot "pass" that to the 
script where it will be used.

That is - _unless_ they have "access" to the script and then you have bigger 
problems than "spam"....


-- 
Larry Smith
SysAd ECSIS.NET
sysad@xxxxxxxxx

References:
- RE: [cobalt-users] [OT] [RAQ4] Formmail 1.9
  - From: Jolley, Carl

Prev by Date: [cobalt-users] Installing a Different OS on a RaQ 4i - Then Restoring Cobalt OS
Next by Date: Re: [cobalt-users] [OT] [RAQ4] Formmail 1.9
Previous by thread: RE: [cobalt-users] [OT] [RAQ4] Formmail 1.9
Next by thread: [cobalt-users] Fwd: [cobalt-security] Seems that SUN woke up :-)

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index