Jeffrey Wheat wrote:
> After seeing this behavoir, I am not comfortable anymore. I can see a
> situation where someone forges a mail header with an exiscan tag and sends
> a virus. Our mail server sees the tag and allows it to go through without
> checking? Is this how it works? It seems to be that way as my staging server
> never checks mail.
Make sure that exiscan_crypt_salt is different on all your machines.
To forge a header, someone must know your exiscan_crypt_salt value, so keep it
secret :)
/tom
--
Tom Kistner <tom@???>
ICQ 1501527 dcanthrax@efnet
http://duncanthrax.net
