 |
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
|
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
Thanks for the comments. I am using the latest secure version. It doesn't use the recipients address as a CGI parameter. I plan to change the name of the script from formmail to some other name in case someone is searching for the name. Jay On Dec 13, 2007 4:48 AM, Tom Metro <[hidden email]> wrote: > James Kramer wrote: > > Is nms-formmail secure? > > Didn't the original version of this script accept the recipient address > as a CGI parameter? That's a security hole in the sense that it turns > your web server into an open mail relay. I'd avoid using any script that > supports such functionality. > > -Tom > > -- > Tom Metro > Venture Logic, Newton, MA, USA > "Enterprise solutions through open source." > Professional Profile: http://tmetro.venturelogic.com/ >
 |
|
| BLU is a member of BostonUserGroups | |
| We also thank MIT for the use of their facilities. | |
