Unless I am missing something, in the absence of softlimits the risk with
qmail-local is still mitigated by the use of a reasonable databytes value.
-Chris
On Tue, May 26, 2020 at 9:20 AM Quinn Comendant
wrote:
> Hi Chris,
>
> Thanks for the analysis. My understanding is the same.
>
> I think
Hi Chris,
Thanks for the analysis. My understanding is the same.
I think the main concern is regarding memory limits placed on qmail-local. I
don't know how to apply softlimits there.
Quinn
On 26 May 2020 08:17:08, Chris wrote:
> I built my QMT a couple of years ago on CentOS 7, and spot
I built my QMT a couple of years ago on CentOS 7, and spot checking I see
that softlimits are already applied in the following supervise startup
scripts:
/var/qmail/supervise/smtp/run
/var/qmail/supervise/submission/run
/var/qmail/supervise/smtps/run
Additionally, I have a reasonable value in
Hello all,
I just came across this security bulletin that affects qmail:
https://www.qualys.com/2020/05/19/cve-2005-1513/remote-code-execution-qmail.txt
“TLDR: In 2005, three vulnerabilities were discovered in qmail but were
never fixed because they were believed to be unexploitable in a default