[nSLUG] apache used to generate spam

D G Teed donald.teed at gmail.com
Thu Apr 16 11:44:56 ADT 2009


On Thu, Apr 16, 2009 at 11:04 AM, D G Teed <donald.teed at gmail.com> wrote:

> On Thu, Apr 16, 2009 at 10:31 AM, D G Teed <donald.teed at gmail.com> wrote:
>
>> I can fix postfix to only deliver mail for our domain as that will
>> be a suitable workaround for our needs.  But I still want to find
>> and eliminate whatever CGI is weak.  Many of our forms use
>> alienform, which uses recipient data within a text file, not HTML form,
>> to make it more secure.
>
>
> I just checked and had not realized before that alienform.cgi is
> no longer supported and has a 2002 security advisory against it.
> I think that will be our main target to fix - likely by replacing it.
>
> What is the best of breed form to mail CGI these days?
>
> --Donald
>

BTW, our version was the older verson.  The 2002 security flaw is
in the newer one, but I would expect the older version to also
have issues.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://nslug.ns.ca/mailman/private/nslug/attachments/20090416/c87291d8/attachment.html>


More information about the nSLUG mailing list