Contributed by Dengue on from the curse-the-spammer dept.
This looks interesting, maybe I'll try it this weekend...
(Comments are closed)
OpenBSD Journal
Contributed by Dengue on from the curse-the-spammer dept.
This looks interesting, maybe I'll try it this weekend...
(Comments are closed)
Copyright © - Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to as well as images and HTML templates were copied from the fabulous original deadly.org with Jose's and Jim's kind permission. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]
By Alex Farber () farber@cpan.org on mailto:farber@cpan.org
char temp[1000];
char filename[256];
...
strtok(temp, " trn");
sender = strtok(NULL, " trn");
...
sprintf(filename, "/home/%s/.spamfilter/%s-XXXXXXXX", myself, sender);
Comments
By David () on
sprintf and strcpy should _never_ be used.
snprintf and the new asprintf should be used.
Also, use strlcpy in place of strcpy
By David () on
2.) the return value of strtok() should be checked...
3.) spamfilter.register.c needs ctype.h included for toupper().
4.) don't use sprintf. use snprintf or asprintf/free
5.) in spamfilter.cron.c, if src == NULL, you write to syslog.. but later src is read with fgets.. what if src == NULL?
6.) i see a few openlog()'s, but no closelog()'s.
Just a few things I spotted.
By Ryan Cooley () on
There are a few choices:
1. For the user to reply with the word "REGISTER-432341" in the subject (that number being randmomly generated of course).
2. Change the email address to be broken up, or preferedly, an image.
3. Make a special FORM that a human must navigate through, changing some characters, or clicking a few boxes, etc.
Other than that, it is a great idea.
By Phil Munts () phil@munts.net on mailto:phil@munts.net
and only (so far) submission to OBJ. Today
I received the following email:
I have visited www.openbsdjournal.org and noticed that your
website is not listed on some search engines. I am sure
that through our service the number of people who visit
your website will definitely increase. SeekerCenter is a
unique technology that instantly submits your website
to over 500,000 search engines and directories -- a
really low-cost and effective way to advertise your
site. For more details please go to SeekerCenter.net.
Seriously, I've appreciated the comments people
have made about the buffer overflows. I've
learned a lot, and will be cleaning things up
shortly.