On Wed, 14 Apr 1999 08:06:45 -0400 (EDT), xs wrote:
>i thought about this one this weekend, if /bin/false is in /etc/shells
What about /bin/passwd? Allows people to change password via telnet ...
Another alternative is to use Bruce Guenter's vmailmgr and make all the
pop accounts virtual. You can also use tcpwrapper/tcpcontrol/firewall
to limit access so that only local users can pop. We do this and then
allow remote access via sqwebmail, but with a different password.
-Sincerely, Fred
Fred Lindberg, Inf. Dis., WashU, St. Louis, MO, USA
