Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!

Click here to return to the 'procmail is not a security risk' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
procmail is not a security risk
Authored by: bighouse on Dec 17, '01 01:48:03AM

Chas, procmail is a local delivery agent (LDA), it cannot send email and it cannot receive it either, all it can do is deliver it. It does not listen on any port for network connections. It cannot act as an open mail relay.

But you're right, security concerns should always be attended to! One of the goals of this excercise was to avoid starting sendmail, which does listen on port 25, and which can be configured as an open relay, and which has a history of security exploits (some recent). Apparently some people have been starting sendmail just to use access.db. I can understand their frustration, but unless they're well firewalled, I wouldn't recommend it...


[ Reply to This | # ]