[ZendTo] Why is sendmail -f option disabled?
tibir at tibir.net
Wed Feb 20 13:55:27 GMT 2013
We are currently evaluating zendto and have deployed the CentOS Virtual
Appliance for ESXi, running zendto 4.11-9
We noticed that the return-path was set to "apache at domain.tld"
After looking at the code, I noticed that the option to set the
return-path is disabled in NSSDropbox.php:
$headers // JKF Commented out for now due to security
// JKF Commented out for now due to security concerns
// '-f "'.$fromAddr.'"'
Can you explain why is it commented? (what are the security concerns you
are referring to)
More information about the ZendTo