Hypermail has had a utility name mail that is installed in the cgi-bin
directory since the beginning. I personally do not use it due to the
issues listed below. I am not sure why it is still in the baseline.
Is there anyone who uses it ? Reply to me directly if you want. I am trying to determine if it makes sense to just remove it from the baseline completely...
Comments from the mail.c source.
/* ** mail.c ** This tiny CGI program constructs an email form (GET) and ** sends the contents (POST).
/* This program has been set to be useless by default because it
* is probably easy for spammers to use as an open relay. It also
* has problems with enabling malicious use of JavaScript and
* CRLF Injection. Don't enable code below the #else unless you
* are sure that you trust the people who have access to the web
* page it produces.
*/
Thoughts ? I'm asking because I don't if it's in use or simply
historic baggage...
--
Kent Landfield | HYPERMAIL: http://www.hypermail.org/
Email: kent_at_hypermail.org | RFCS: http://www.faqs.org/rfcs/
Received on Wed 12 Feb 2003 05:06:14 PM GMT
This archive was generated by hypermail 2.2.0 : Thu 22 Feb 2007 07:33:54 PM GMT GMT