Schiz0: > Hey list, > > I have a setup with postfix-2.9.3,1 using virtual users from a > postgresql database. A thought suddenly occurred to me, what if > someone tries to send email to a user like this: '; drop table > mailbox;' > Does postfix properly escape fields when querying a sql database? My
Sure, Postfix is http://xkcd.com/327/ compliant. Wietse
