[30788] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: possible open relay hole in qmail-smtpd-auth patch

daemon@ATHENA.MIT.EDU (Uwe Ohse)
Thu Jul 17 13:22:56 2003

Date: Thu, 17 Jul 2003 12:12:31 +0000
From: Uwe Ohse <uwe@ohse.de>
To: qmail@list.cr.yp.to, bugtraq@securityfocus.com
Message-ID: <20030717121231.GK22934@ohse.de>
Mail-Followup-To: qmail@list.cr.yp.to, bugtraq@securityfocus.com
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <200307162048.h6GKmIup002842@turing-police.cc.vt.edu>

On Wed, Jul 16, 2003 at 04:48:18PM -0400, Valdis.Kletnieks@vt.edu wrote:

> Actually, it is *quite* legal to reply a '250 OK' on something that 
> will eventually

the patch (qmail-1.03-jms1-antispam.patch) replies with 250, even though 
it already knows that the message will _not_ reach the recipient and 
will _not_ be bounced. It knows that the message is being sent to 
/dev/null.

Sorry for being unclear.

Regards, Uwe


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[30788] in bugtraq

Re: possible open relay hole in qmail-smtpd-auth patch

daemon@ATHENA.MIT.EDU (Uwe Ohse)Thu Jul 17 13:22:56 2003

daemon@ATHENA.MIT.EDU (Uwe Ohse)
Thu Jul 17 13:22:56 2003