Starting with release 1.0, qscanq is guaranteed against security holes and bugs leading to lost emails. The author will give $100 to the first person to report a bug or security hole in qscanq resulting in lost messages, acceptance of infected emails for delivery, or elevation of privileges.

Naturally, security holes in qscanq mean just that. Security holes in helper applications, the operating system, etc., are not covered.

Examples of What is Covered

  • A working exploit, local or remote, that causes qscanq to execute unauthorized code

  • A working exploit, local or remote, that results in granting of elevated privileges to an attacker

  • A working exploit, local or remote, that causes messages to be lost, changed, or misdirected, other than the message containing the exploit

  • Any qscanq bug resulting in lost email messages

  • Any working remote exploit or qscanq bug that allows remote users to submit virus-infected emails to qmail for delivery. (Note: local users can call qmail-queue directly, and bypass qscanq completely. If local users are a problem, they should be kept behind a firewall and denied login accounts on the mail server machine.)

Examples of What is Not Covered

The following do not qualify for the $100 bounty under the terms of the qscanq guarantee:

  • OS vulnerabilities. Any vulnerability that existed before qscanq was installed is not considered a qscanq security flaw, whether or not the vulnerability can be exploited in a qscanq instance.

  • Vulnerabilities in ripmime or in antivir. These programs are invoked by qscanq to unpack MIME components and scan them for viruses. If a security hole is found in either of these, I want to know about it, but they do not fall under the qscanq security guarantee.

  • Denial of service. Except as set out above, denial of service attacks are not covered. All servers are vulnerable to denial of service attacks, both local and remote. Admins should use ulimits and other standard tools to limit the impact of such attacks, but they cannot be prevented.

  • Misconfiguration. Any patches to qscanq not provided by the original author invalidate this security guarantee. The same applies to settings, such as ulimits, that cause scanning to fail or otherwise defer messages. If the exploit can be reproduced in an unpatched version of qscanq, or with the offending setting disabled, then this limitation doesn't apply.



Len Budney
lbudney@pobox.com
Copyright © 1998 - 2004
Page generated: 20:36:35 21-Dec-2004