[Exim] nessus security report

Kezdőlap
Üzenet törlése
Válasz az üzenetre
Szerző: Brad Crittenden
Dátum:  
Címzett: exim-users
Tárgy: [Exim] nessus security report
yesterday i ran nessus against my machine and it reported two problems with
exim:

1) claims we're relaying (though i've tried relaying through my host only to
be denied)

and

2) acceptance of mail from "|user@???" which is a risk if a message is
constructed to bounce and is then piped to an executable.

i've searched the mailing list archives for mention of these and found
nothing. is there a known reason nessus would give a false positive for
relaying? has the "|address" problem been addressed?

thanks,

brad