[Spambayes] security of server ports
Frank Stajano
fms27 at cam.ac.uk
Sat Sep 20 00:15:26 EDT 2003
As a security professional it is my duty to be paranoid. Since spambayes
(or more correctly its proxies) opens some listener sockets, it would be
nice if (a) by default it only accepted connections from localhost on those
sockets, refusing to serve any others, and nonetheless (b) issued a warning
anytime it detected a connection request on those sockets from any other
machine.
Same thing for the local web server offering the configuration interface.
Frank (filologo disneyano) http://www-lce.eng.cam.ac.uk/~fms27/
More information about the Spambayes
mailing list