Linode Forum
Linode Community Forums 		 FAQFAQ    SearchSearch    MembersMembers      Register Register 
 LoginLogin [ Anonymous ] 
Post new topic  Reply to topic

Board index » Linux Community Forums » Email/SMTP Related Forum
  Print view Previous topic | Next topic 
Author Message
John Henry Eden
PostPosted: Sat May 03, 2014 1:28 pm 
Offline
Senior Member

Joined: Fri May 02, 2014 5:20 pm
Posts: 58
Website: http://www.sturmkrieg.ru
Location: Richmond
I installed Postfix on a Debian LAMP server to allow PHP to send emails from the web applications. I did minimal configuration; I only put in the domain to use when it asked.

The "Message-ID" in the email source contains the name of the database and the prefix used by the tables. This isn't technically a vulnerability, but it's undesirable.
Top
   
Reply with quote  
Vance
PostPosted: Sat May 17, 2014 6:38 pm 
Offline
Senior Member
User avatar

Joined: Sun Jan 18, 2009 2:41 pm
Posts: 830
Odd, according to the documentation, the Message-ID should be either YYYYMMDDHHMMSS.queueid@myhostname or queueID@myhostname based on the setting of enable_long_queue_ids. Is this information that's leaking possibly contained in myhostname?
Top
   
Reply with quote  
Display posts from previous:  Sort by  
Post new topic  Reply to topic

Board index » Linux Community Forums » Email/SMTP Related Forum


Who is online

Users browsing this forum: No registered users and 0 guests

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum

Search for:
Jump to:  
RSS

Powered by phpBB® Forum Software © phpBB Group