Re: [Exim] Matching bounce recipients against sender hashes …

Startseite
Nachricht löschen
Nachricht beantworten
Autor: Christian Balzer
Datum:  
To: Tony Finch
CC: exim-users
Betreff: Re: [Exim] Matching bounce recipients against sender hashes -- solved!
Better late than never...

Tony Finch wrote:
>On Sun, 13 Jun 2004, Christian Balzer wrote:
>>
>> But unless you can make sure that those tokens are never exposed,
>> you are going to become vulnerable again (just look for spam that is
>> addressed to email/usenet message IDs).
>> Possible/likely leaks are mailing list archives and even more in this
>> day and age compromised machines of people you communicated with.
>> Given the the increasingly close proximity of spammers and worm/virus
>> authors a rather plausible scenario.
>
>Mailing list archives won't be a problem because list systems usually
>don't propagate the original return path.


Usually, yes. But for example the Debian bug report archives do and
who knows which others as well. But it's a minor risk, agreed.

Regards,

Christian Balzer
--
Christian Balzer        Network/Systems Engineer                NOC
chibi@???       Global OnLine Japan/Fusion Network Services
http://www.gol.com/