Bugtraq mailing list archives
Re: sqwebmail web login
From: Tim Nelson <sysadmin () sunet com au>
Date: Thu, 5 Feb 2004 09:57:04 +1100 (EST)
On Tue, 3 Feb 2004, Antonio Messina wrote:
platform: linux 2.4 i386 pachages: qmail+sqwebmail+qmailadmin+vpopmail-vchkpw-auth.NOT with FreeBSD 4.5, kernel GENERIC, sqwebmail 3.3.3, vpopmail 5.2 However, I think it's due to a misconfiguration. Root mailbox does NOT exist in default qmail installation: it's just an alias, not a real valid user.
Sqwebmail reads the filesystem directly, so will be doing this itself. It doesn't depend on the qmail setup. Sqwebmail is part of the Courier suite. While I am using all the other software in the courier suite, I'm using SquirrelMail instead of sqwebmail. Sqwebmail accesses the filesystem directly for performance reasons. But I prefer to keep my web server and mail servers separate. http://www.inter7.com/sqwebmail.html So, I place the blame squarely on sqwebmail. However, I know the Courier folks are quite responsive to security issues, so I've included MrSam on this message. :) -- Tim Nelson Systems Administrator Sunet Internet Tel: +61 3 5241 1155 Fax: +61 3 5241 6187 Web: http://www.sunet.com.au/ Email: sysadmin () sunet com au
Current thread:
- sqwebmail web login Marco Marabelli (Feb 02)
- Re: sqwebmail web login Antonio Messina (Feb 03)
- Re: sqwebmail web login Tim Nelson (Feb 04)
- Re: sqwebmail web login Brian Bothwell (Feb 03)
- <Possible follow-ups>
- Re: sqwebmail web login scott . jefferd (Feb 03)
- Re: sqwebmail web login Antonio Messina (Feb 03)