[Spambayes] security of server ports

Frank Stajano fms27 at cam.ac.uk
Sat Sep 20 00:15:26 EDT 2003


As a security professional it is my duty to be paranoid. Since spambayes 
(or more correctly its proxies) opens some listener sockets, it would be 
nice if (a) by default it only accepted connections from localhost on those 
sockets, refusing to serve any others, and nonetheless (b) issued a warning 
anytime it detected a connection request on those sockets from any other 
machine.

Same thing for the local web server offering the configuration interface.

   Frank (filologo disneyano) http://www-lce.eng.cam.ac.uk/~fms27/




More information about the Spambayes mailing list