Hi! This is the ezmlm program. I'm managing the
bugtraq@securityfocus.com mailing list.
I'm working for my owner, who can be reached
at bugtraq-owner@securityfocus.com.
Messages to you from the bugtraq mailing list seem to
have been bouncing. I've attached a copy of the first bounce
message I received.
If this message bounces too, I will send you a probe. If the probe bounces,
I will remove your address from the bugtraq mailing list,
without further notice.
I've kept a list of which messages from the bugtraq mailing list have
bounced from your address.
Copies of these messages may be in the archive.
To retrieve a set of messages 123-145 (a maximum of 100 per request),
send an empty message to:
<bugtraq-get.123_145@securityfocus.com>
To receive a subject and author list for the last 100 or so messages,
send an empty message to:
<bugtraq-index@securityfocus.com>
Here are the message numbers:
6426
--- Enclosed is a copy of the bounce message I received.
Return-Path: <>
Received: (qmail 26483 invoked from network); 17 Sep 2002 15:48:23 -0000
Received: from unknown (HELO securityfocus.com) (205.206.231.9)
by 205.206.231.19 with SMTP; 17 Sep 2002 15:48:23 -0000
Received: (qmail 6855 invoked by alias); 17 Sep 2002 13:19:40 -0000
Received: (qmail 5717 invoked from network); 17 Sep 2002 13:19:22 -0000
Received: from unknown (HELO outgoing.securityfocus.com) (205.206.231.26)
by 205.206.231.9 with SMTP; 17 Sep 2002 13:19:22 -0000
Received: by outgoing.securityfocus.com (Postfix)
id C336B9E944; Mon, 16 Sep 2002 13:06:04 -0600 (MDT)
Date: Mon, 16 Sep 2002 13:06:04 -0600 (MDT)
From: MAILER-DAEMON@outgoing.securityfocus.com (Mail Delivery System)
Subject: Undelivered Mail Returned to Sender
To: bugtraq-return-6426-list-bugtraq=spinics.net@securityfocus.com
MIME-Version: 1.0
Content-Type: multipart/report; report-type=delivery-status;
boundary="583F78F2CC.1032202999/outgoing.securityfocus.com"
Message-Id: <20020916190604.C336B9E944@outgoing.securityfocus.com>
This is a MIME-encapsulated message.
--583F78F2CC.1032202999/outgoing.securityfocus.com
Content-Description: Notification
Content-Type: text/plain
This is the Postfix program at host outgoing.securityfocus.com.
I'm sorry to have to inform you that the message returned
below could not be delivered to one or more destinations.
For further assistance, please send mail to <postmaster>
If you do so, please include this problem report. You can
delete your own text from the message returned below.
The Postfix program
<list-bugtraq@spinics.net>: Name service error for spinics.net: Host not found,
try again
--583F78F2CC.1032202999/outgoing.securityfocus.com
Content-Description: Delivery error report
Content-Type: message/delivery-status
Reporting-MTA: dns; outgoing.securityfocus.com
Arrival-Date: Fri, 13 Sep 2002 08:01:31 -0600 (MDT)
Final-Recipient: rfc822; list-bugtraq@spinics.net
Action: failed
Status: 4.0.0
Diagnostic-Code: X-Postfix; Name service error for spinics.net: Host not found,
try again
--583F78F2CC.1032202999/outgoing.securityfocus.com
Content-Description: Undelivered Message
Content-Type: message/rfc822
Received: from lists.securityfocus.com (lists.securityfocus.com [66.38.151.19])
by outgoing.securityfocus.com (Postfix) with QMQP
id 583F78F2CC; Fri, 13 Sep 2002 08:01:31 -0600 (MDT)
Mailing-List: contact bugtraq-help@securityfocus.com; run by ezmlm
Precedence: bulk
List-Id: <bugtraq.list-id.securityfocus.com>
List-Post: <mailto:bugtraq@securityfocus.com>
List-Help: <mailto:bugtraq-help@securityfocus.com>
List-Unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
List-Subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
Delivered-To: mailing list bugtraq@securityfocus.com
Delivered-To: moderator for bugtraq@securityfocus.com
Received: (qmail 14773 invoked from network); 13 Sep 2002 00:56:11 -0000
Date: Fri, 13 Sep 2002 02:12:23 +0100
From: Nick Lamb <njl98r@ecs.soton.ac.uk>
To: "Greg A. Woods" <woods@weird.com>
Subject: Re: Password Security Policy Question
Message-ID: <20020913021223.A25622@ecs.soton.ac.uk>
Mail-Followup-To: "Greg A. Woods" <woods@weird.com>,
bugtraq@securityfocus.com
References: <Pine.LNX.4.21.0209101131110.4471-100000@dt26453.dstsystems.com> <Pine.LNX.4.44.0209102029360.1985-100000@dent.suse.de> <20020911010757.4B19FAC@proven.weird.com>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
protocol="application/pgp-signature"; boundary="7AUc2qLy4jB3hD7Z"
Content-Disposition: inline
User-Agent: Mutt/1.2.5.1i
In-Reply-To: <20020911010757.4B19FAC@proven.weird.com>; from woods@weird.com on Tue, Sep 10, 2002 at 09:07:57PM -0400
--7AUc2qLy4jB3hD7Z
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
On Tue, Sep 10, 2002 at 09:07:57PM -0400, Greg A. Woods wrote:
> I'm still amazed that nothing has been done with my submitted patches
> since, not in NetBSD nor in any of the other free unix systems so far as
> I know.
The default settings in modern Red Hat and Red Hat-like systems do use
Cracklib to prevent users from choosing very low quality passwords.
The autogenerated PAM configuration on my Red Hat 7.3 system says...
password required /lib/security/pam_cracklib.so retry=3
Sure enough I can't change my password to 'guess' or 'password' or
'01234567' using either the GUI or the passwd program. It's not as
friendly as Mozilla's "password goodness meter" but it will suffice.
Apparently there are moves afoot to replace or augment Cracklib with
Solar Designer's pam_passwdqc in some future version of Red Hat Linux.
Nick.
--7AUc2qLy4jB3hD7Z
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE9gTt2JL0BVnQb59gRAi0SAKCvBeKs3y+9dcd8AUm6tAi19WN6dQCgncku
dm/+5A0Uue4UTo+c3NpSQWk=
=xO64
-----END PGP SIGNATURE-----
--7AUc2qLy4jB3hD7Z--
--583F78F2CC.1032202999/outgoing.securityfocus.com--
