>3 items show up for formmail 1.9. They are at: > >http://online.securityfocus.com/bid/2469 >http://online.securityfocus.com/bid/3954 >http://online.securityfocus.com/bid/3955 > >essentially: formmail is open to people spamming through your machine.
Thanks! >One alternative is to fix formmail so that it cannot be directed to >mail to any address except the one you want it to mail to. Another >better choice is at > >http://nms-cgi.sourceforge.net/ > >Note the over-arching point of that project is to eradicate Matt >Wright's junk scripts from the net. the cool part of this is that >the replacements are actually maintained by people who can be >reasonably called Perl programmers, as opposed to Matt Wright. Thanks much for this. I guess I'll find out pretty soon how much of a drop in replacement this is, as claimed. I'm now trying to used the vuln search to find out if there are any reported vulnerabilities to using SendMail, the CPAN alternative to sendmail when using FormMail. But you can see my problem, I'm sure... AFAICT, the CPAN does not appear in this database. Stefan Jeglinski ############################################################# This message is sent to you because you are subscribed to the mailing list <[EMAIL PROTECTED]>. To unsubscribe, E-mail to: <[EMAIL PROTECTED]> To switch to the DIGEST mode, E-mail to <[EMAIL PROTECTED]> To switch to the INDEX mode, E-mail to <[EMAIL PROTECTED]> Send administrative queries to <[EMAIL PROTECTED]>
