[imp] From line creation? (2.2.4)

Marius Strom marius@marius.org
Wed, 7 Feb 2001 12:28:11 -0600

Previous message: Syslog stats
Next message: [imp] From line creation? (2.2.4)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Right, but that could easily be evaded by changing my From address to:
marius@alpha1.net" ; <evil command here>.

There need to be some other heuristics (of which I don't possess,
unfortunately) to validating email addresses..  Perhaps a regex search
of through the email address of [^a-zA-Z0-9.@+] characters?

On Wed, Feb 07, 2001 at 01:24:58PM -0500, Chuck Hagenbuch wrote:
> Quoting Marius Strom <marius@marius.org>:
> 
> > Chuck, if I may ask, I do recall you quoting addresses due to security
> > issues.  Am I correct in this memory?
> 
> Yes, you are correct. It appears we'll have to reverse that; I just want to 
> make sure we don't re-open any security holes when we do.
> 
> -chuck
> 
> --
> Charles Hagenbuch, <chuck@horde.org>
> "My intuitive grasp of math often leads me astray." -Me
> 
> -- 
> IMP mailing list: http://horde.org/imp/
> Frequently Asked Questions: http://horde.org/faq/
> To unsubscribe, mail: imp-unsubscribe@lists.horde.org
> 

-- 
Marius Strom <marius@marius.org>
Professional Geek/Unix System Administrator
URL: http://www.marius.org/
http://www.marius.org/marius.pgp 0x55DE53E4
 
"Never underestimate the bandwidth of a mini-van full of DLT
tapes traveling down the highway at 65 miles per hour..."
	-Andrew Tanenbaum, "Computer Networks"

Previous message: Syslog stats
Next message: [imp] From line creation? (2.2.4)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]