[Mailman-Users] List Security
admin
admin at web-standart.net
Wed Oct 23 19:03:37 CEST 2002
> >Mailman v2.1 authenticates on From: and envelope.
What is used?
>
> Pardon me for being a pain here, but isn't it ridiculously easy to forge a
> From:, and also rather easy to forge an envelope?
>
> Now I'll be humble and admit that I don't even know what an envelope is.
So
> my question about the envelope really boils down to: if I have root access
> on a machine other than the one Mailman is running on, can I fool
Mailman's
> envelope recognition?
no seen protection no - write although with any machines, but faked field
From: and access open - I checked from miscellaneous hosts and domains
More information about the Mailman-Users
mailing list