I just had an email from a user trying to send an email to 27 recipients, which was blocked (as it should have been). He received this error (addresses redacted):
>5.7.1 too many recipients for [email protected] in 60 seconds - >please try again not before Jan-19-10 20:58:59 or send a >notification message to any of the follwing addresses: >[email protected]|[email protected]|[email protected] The error being given spews out the contents of the EmailAdmins parameter - a parameter which is supposed to be used to specify the addresses capable of adding/removing to/from various lists. I wasn't aware that the addresses in this parameter were going to be given out publicly in an error message to anyone who tries to spam the server! I had sensitive email addresses in this parameter, that weren't supposed to be public! Being that this parameter can also be set to things like "postmaster" or "@domain.com" I suspect this is not a correct usage of the parameter. Also, there's a spelling mistake - "follwing" should be "following". ------------------------------------------------------------------------------ Throughout its 18-year history, RSA Conference consistently attracts the world's best and brightest in the field, creating opportunities for Conference attendees to learn about information security's most important issues through interactions with peers, luminaries and emerging and established companies. http://p.sf.net/sfu/rsaconf-dev2dev _______________________________________________ Assp-test mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/assp-test
