[oclug] Postfix Autoreply Software
Dan Langille
dan at langille.org
Tue Jun 24 12:37:48 EDT 2003
On 24 Jun 2003 at 12:29, Collin McCrank wrote:
> Dan Langille wrote:
>
> >Don't forget how this can be abused. One person turning on/off
> >another's message....
>
> I thought that this section
>
> # test if message is to and from the same address and if suject is
> # "vacation on" or "vacation off"
> :0
> # adressed to a system user
> *$ ^TO_$LOGNAME@
> # and is from that same user
> *$ ^From:.*$LOGNAME@
>
> Handled that. The only way to turn off someone else's message is to
> make it appear that it is coming from that user.
>
> I may be wrong since I don't know all that much about procmail
The From field can be forged by people who know how. You decide what
your users are like. And everyone that knows you're going to use it.
You may decide that the risk and consequence is insigificant. Just
wanted you to be aware.
--
Dan Langille : http://www.langille.org/
More information about the OCLUG
mailing list