[hashcash] Re: major postfix suckage

• From: Kyle Hasselbacher <kyle@xxxxxxxxxxx>
• To: hashcash@xxxxxxxxxxxxx
• Date: Thu, 26 Aug 2004 07:55:06 -0500

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Eric S. Johansson wrote:
[...]
| which means I need to build my own queue for stamps.  *FiretrUCK*

"Globalizing" hashcash-sendmail so that it queues and stamps for everyone on
a system (not just one user) might not be that hard.  The biggest problem
with doing that is that it's egregiously insecure.  Probably the worst thing
it does is read from stdin and eval() that string without looking at it at
all.  The assumption I made was "no one tries to hack oneself."

Given that, though, you'd have a stamper that you could bolt onto more
mailers than just Postfix.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3-nr1 (Windows XP)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFBLd2qzS7R/flctWYRAhGoAJ9mZjqYIC12fHxPI0VgIge1jjbp1QCgoZyH
pEckOXSmWZPcoeSpJ59Em+c=
=CoAk
-----END PGP SIGNATURE-----

• Follow-Ups:
  • [hashcash] Re: major postfix suckage
    • From: Eric S. Johansson

• References:
  • [hashcash] major postfix suckage
    • From: Eric S. Johansson

Other related posts:

• » [hashcash] major postfix suckage
• » [hashcash] Re: major postfix suckage
• » [hashcash] Re: major postfix suckage
• » [hashcash] Re: major postfix suckage
• » [hashcash] Re: major postfix suckage
• » [hashcash] Re: major postfix suckage

1. Home
2. hashcash
3. Archive
4. 08-2004

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---