Mailing List Archive

About "setenv MAILUSER something"
We are going to get on qmail on some systems that there are
people that want to be hackers. Qmail allows users to send mail
as something else using "setenv MAILUSER something" and
"setenv MAILHOST somewhere.com". Is there any way for me,
the administrator of these systems, to stop this happening?
Is it an option that I've missed?

Thanks in advance,

Giorgos Stathakopoulos
System Administrator for Unix Systems of
Computer Technology Institute, stathako@cti.gr
Computer Engineering and Informatics Department, stathako@ceid.upatras.gr
Re: About "setenv MAILUSER something" [ In reply to ]
On Wed, 26 Feb 1997 G.Stathakopoulos@cti.gr wrote:

> We are going to get on qmail on some systems that there are
> people that want to be hackers. Qmail allows users to send mail
> as something else using "setenv MAILUSER something" and
> "setenv MAILHOST somewhere.com". Is there any way for me,
> the administrator of these systems, to stop this happening?
> Is it an option that I've missed?

Why bother? They can just telnet to the SMTP port and forge the From:
and envelope sender.

Evan
--
Evan Champion * Director, Network Operations
mailto:evanc@synapse.net * Directeur, Exploitation du reseau
http://www.synapse.net/ * Synapse Internet