'auth-required' was set to 'true' which definitely explains my point #2 (on 2004-03-10) --- so it seems like i reinvented the wheel and degraded the code/architecture at the same time! sorry --- i'll revert stuff back to the way it was and now i know to look in jboss-service.xml more deeply next time i consider changing something like this. indeed, i agree that configuring this kind of behaviour in the mbean xml is the right way to go, rather than hard-coding it in the java source code.
but point #1 still seems to stand as a potential security issue --- where the server relayed the mail when the sender's address had a known domain name. but i'll go back with a fine-toothed comb over the changes i made and make sure things are ok in light of the jboss-service.xml configuration elements. mike <a href="http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3825498#3825498";>View the original post</a> <a href="http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3825498>Reply to the post</a> ------------------------------------------------------- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click _______________________________________________ JBoss-Development mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-development
