[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

remailer security, sendmail



I just read an interesting post on alt.hackers.  Apparently you
can figure out who's sending mail to who by repeatedly running
the command /usr/lib/sendmail -bp.  I just tested this out and
it *seems* to work, as does running /usr/ucb/mailq repeatedly.
How's that for an obscure feature?

Does anyone run a remailer on a multi-user machine where sendmail
is used?  Is this sendmail feature a problem?  If so, how would
one fix it? (write a wrapper for sendmail? but that requires root
access *sigh*)  Am I missing something?

-------------------------------------------------------------------------------
David Wagner                                             [email protected]