[Mimedefang] defang script using chown or chgrp
David F. Skoll
dfs at roaringpenguin.com
Tue Apr 29 08:38:57 EDT 2008
Jon Rowlan wrote:
> I don't understand. I have around 20 domains. Sendmail filters mails so
> that I only accept mail to these domains therefore there is no ambiguity
> or window of opportunity in $recipient (it actually only holds the
> domain portion of the recipient name by this stage). $MsgID is a unique
> name that is manufactured by sendmail. I am struggling to think of a way
> that this can be abused by a third party.
OK; I forgot that $MsgID is normally the Sendmail queue-ID. I thought
for a moment it was the Message-ID header.
More information about the MIMEDefang