Jeroen Massar wrote:
> security@xxxxxxxxxxxx wrote:
>> _______________________________________________________________________
>>
>> Mandriva Linux Security Advisory MDKSA-2007:101
>> http://www.mandriva.com/security/
>> _______________________________________________________________________
>>
>> Package : vim
>> Date : May 9, 2007
>> Affected: 2007.0, 2007.1
>
> But the subject line reads:
>
> [ MDKSA-2007:101 ] - Updated bind packages fix vulnerability
>
> So is this a spoof or is this a spoof?
> Or did somebody make a booboo at Mandriva. The PGP key seems to at least
> check out for the fact that the signature on the part of the message
> that is signed is correct. As the PGP key is not in the strong set it
> can't be really trusted of course.
Also setting a Reply-To: to a broken xsecurity@xxxxxxxxxxxx absolutely
doesn't make any sense (unless you want to partially overcome the
problem of vacation messages getting bounced back, but hey those people
will nicely ignore your Reply-To anyway....)
--
This is the Postfix program at host imap.mandriva.com.
I'm sorry to have to inform you that your message could not be
be delivered to one or more recipients. It's attached below.
For further assistance, please send mail to <postmaster>
If you do so, please include this problem report. You can
delete your own text from the attached returned message.
The Postfix program
<xsecurity@xxxxxxxxxxxx>: host
/var/lib/imap/socket/lmtp[/var/lib/imap/socket/lmtp] said: 550-Mailbox
unknown. Either there is no mailbox associated with this 550-name
or you
do not have authorization to see it. 550 5.1.1 User unknown (in reply to
RCPT TO command)
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/