From owner-freebsd-isp Tue May 21 11:24:10 2002 Delivered-To: freebsd-isp@freebsd.org Received: from arnold.neland.dk (0x3ef34d96.albnxx2.adsl.tele.dk [62.243.77.150]) by hub.freebsd.org (Postfix) with ESMTP id D06E237B400 for ; Tue, 21 May 2002 11:24:02 -0700 (PDT) Received: from gina ([192.168.5.109]) by arnold.neland.dk (8.12.2/8.12.2) with SMTP id g4LIOKG8089405; Tue, 21 May 2002 20:24:21 +0200 (CEST) (envelope-from leifn@neland.dk) Message-ID: <03b701c200f4$b7287f60$6d05a8c0@neland.dk> From: "Leif Neland" To: "Chad Ziccardi" Cc: References: <20020521123108.I81701-100000@digitalfreaks.org> Subject: Re: OT: FormMail.pl, HTTP_REFERER Date: Tue, 21 May 2002 20:24:13 +0200 MIME-Version: 1.0 Content-Type: text/plain; charset="Windows-1252" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2600.0000 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Any ideas how to maintain a list of allowed_recipients when using FormMail.pl on a server with many virtual hosts? Leif ----- Original Message ----- From: "Chad Ziccardi" To: "Leif Neland" Sent: Tuesday, May 21, 2002 6:31 PM Subject: Re: OT: FormMail.pl, HTTP_REFERER > begin quote from Leif Neland written 2002-05-21: > > > FormMail.pl checks for HTTP_REFERER, if it's there, and allows (ab)use if > > it is not. > > > > With modern browsers, can I be sure HTTP_REFERER is set when FormMail.pl > > is called from a form? > > Matts scripts are know for security issues (mainly relaying spam thru them) > > check out nms-cgi.sourceforge.net > > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message