> It is not inherently insecure to have mail delivered to root, because
> first of all, it is just text. If I as root _decide_ to interpret it as a
> script (by using a stupid MUA), then that's _my_ fault, not sendmail's.
It is, of course, sensible to test your MUA.
I posted a harmless script here a while ago; however, mail.redhat.com
wouldn't resolve about then & some mail bounced.
I'm trying again;-) Just try click on the attachment and see what happens.
Prudence suggests you peruse it first;-)
testemailvulnerability.sh
Cheers
John Summerfield
http://os2.ami.com.au/os2/ for OS/2 support.
Configuration, networking, combined IBM ftpsites index.