Rich et al, I confess: I'm an employee of Sendmail, Inc. I've sent off a note to folks in the home office to try and determine why that sample page is blank. No promises, I'm in the Professional Services group (e.g. consulting for SMI customers) and the marketeers may well ignore me.
I am not aware of any security problems with the sample milter, or with the milter code in general. But I also haven't been tracking it very closely, either - yet another victim of the round tuit shortage. As for security, if you can drop privs and run in a chroot you should do so. Why not try to minimize any risks? I was going to suggest Derek Balling's www.milter.org site, but after a quick check I didn't actually find any sort of tutorial there. It's a nice site if you're playing with milters nevertheless. Perhaps less convenient, but the milter sample code is available in the Sendmail 8.12 distribution. You just have to dig around a little, e.g. sendmail-8.12.1/libmilter/docs/sample.html. --Steve. --- Send mail for the `bblisa' mailing list to `[EMAIL PROTECTED]'. Mail administrative requests to `[EMAIL PROTECTED]'.
