Can the listowner, if you're out there, confirm that the mailing list DOES in fact set the SMTP-Envelope to the mailing-list-owner or the like? This could either have come to me because my address was still in the SMTP envelope (which would be broken) or if the end-recipient's MTA actually looks at the From: address to send a bounce message (even more broken). Either way, can we get it corrected?
X-Failed-Recipients: rnilsen@localhost From: Mail Delivery System <> To: dredd@megacity.org Subject: Mail delivery failed: returning message to sender Date: Thu, 23 Sep 1999 01:08:00 +0200
This message was created automatically by mail delivery software.
A message that you sent could not be delivered to all of its recipients. The following address(es) failed:
rnilsen@localhost: unknown local-part "rnilsen" in domain "localhost"
------ This is a copy of the message, including all the headers. ------
Return-path: <dredd@megacity.org> Received: from rn (localhost) [127.0.0.1] by rn with esmtp (Exim 2.05 #1 (Debian)) id 11TvO7-0003Mk-01; Thu, 23 Sep 1999 01:01:23 +0200 X-daxnet-delivery-id: 199909221316 Received: from pop1.c2i.net by fetchmail-4.6.4 POP3 for <rnilsen/localhost> (single-drop); Thu, 23 Sep 1999 01:01:23 CEST Received: from lists.suse.com (host1.colo.suse.com [209.144.167.132]) by falk.c2i.net (8.9.3/8.9.3) with SMTP id PAA19336 for <rnilsen@c2i.net>; Wed, 22 Sep 1999 15:16:00 +0200 (MET DST) Received: (qmail 12689 invoked by alias); 22 Sep 1999 13:21:57 -0000 Mailing-List: contact suse-security-help@suse.com; run by ezmlm Precedence: bulk X-No-Archive: yes list-help: <mailto:suse-security-help@suse.com> list-unsubscribe: <mailto:suse-security-unsubscribe@suse.com> list-post: <mailto:suse-security@suse.com> X-Mailinglist: suse-security Delivered-To: mailing list suse-security@suse.com Received: (qmail 12682 invoked from network); 22 Sep 1999 13:21:57 -0000 Delivered-To: suse-security@suse.com Message-Id: <4.2.0.58.19990922061324.00a63ad0@mail.megacity.org> X-Sender: dredd@mail.megacity.org X-Mailer: QUALCOMM Windows Eudora Pro Version 4.2.0.58 Date: Wed, 22 Sep 1999 06:14:52 -0700 To: Stephan Lauffer <lauffer@ph-freiburg.de>, cogNiTioN <cognition@bigfoot.com> From: Derek Balling <dredd@megacity.org> Cc: Peter Griessl <griessl@ihs.ac.at>, suse-security@suse.com In-Reply-To: <Pine.LNX.4.10.9909221449400.8166-100000@lis1.ph-freiburg.d e> References: <Pine.LNX.3.96.990922102549.26926A-100000@Pingu.cognite.net> Mime-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1"; format=flowed Subject: Re: [suse-security] nscd and other demons Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from quoted-printable to 8bit by falk.c2i.net id PAA19336 X-UIDL: 7e1d5eda2b21d85bcef7609360f2ea37
At 02:56 PM 9/22/99 +0200, Stephan Lauffer wrote:
Maybe - if you´re the sysadmin of a server, you must check and modify the system in any cases. A "normal user" instead normally does not have a internet connection 24h a day and also no static ip-adress. So it´s not very important, if the security-level of the system is not very high.
I would contest this. In the US, at least, 24h/static is becoming a fairly common beast, with the proliferation of Cable Modems and xDSL. Considering that the "power user" is the one most likely to go for those connection options, and the "power user" is also the one most likely to be running Linux, there's a correlation there that should not be overlooked.
... because "power user" != "knowledgeable system administrator"
D
-- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com