On Thursday 27 May 2004 04:26 am, Tonix wrote:
> it looks like there is a "trust" against this patch, just saying
> generically it's ugly, but not beeing able to say why, and not beeing
> able, mainly, to make another one working.
> This patch is highly responding to DJ security and programming models,
> while all the rest around (including vpopmail) is not, so all the attacks
> are without comprension (or people attacking does not understand what is
> speaking about).
> This patch is running in hundreds of productions sites since more than two
> years (without a bug and without any performance problem), and I'm
> receiving dozen of e-mails, each month, thanking for it.
I continually see reports of 'false positives' on this mailing list.
Not to mention my first experience with this patch it wasn't even a unified
diff, therefore I had to apply it against a fresh qmail tarball and make a
real diff out of it before I could apply it against the qmail tarball I was
I don't like how it determines the 'catchall' either, however, that's not a
problem with the patch, that's a problem with how vpopmail determines how
it's supposed to handle deliveries to unknown user accounts/aliases.
Jeremy Kitchen ++ Systems Administrator ++ Inter7 Internet Technologies, Inc.
[EMAIL PROTECTED] ++ www.inter7.com ++ 866.528.3530 ++ 847.492.0470 int'l
kitchen @ #qmail #gentoo on EFnet ++ scriptkitchen.com/qmail