This patch is for the following versions of INN

	1.5.1, 1.5, 1.4unoff4, 1.4unoff3, 1.4sec

to be applied *after* first applying one of 

	security-patch.01	1.5
	security-patch.02	1.4sec
	security-patch.03	1.4unoff3 1.4unoff4

which can be found in ftp.isc.org:/isc/inn/patches.
---------------------------------------------------------------------------
*** parsecontrol.pl1	Sun Mar 23 16:33:37 1997
--- parsecontrol	Sun Mar 23 16:35:05 1997
***************
*** 16,22 ****
  ZN=0123456789
  # Attempt to sanitize the address
  FROM="`echo \"$1\" | tr ${AZ} ${az} | tr -dc \\\055${az}${ZN}+_.@%`"
! REPLYTO="$2"
  case "$3" in
  "")
      ARTICLE=/dev/null
--- 16,22 ----
  ZN=0123456789
  # Attempt to sanitize the address
  FROM="`echo \"$1\" | tr ${AZ} ${az} | tr -dc \\\055${az}${ZN}+_.@%`"
! REPLYTO="`echo \"$2\" | tr ${AZ} ${az} | tr -dc \\\055${az}${ZN}+_.@%`"
  case "$3" in
  "")
      ARTICLE=/dev/null
***************
*** 29,34 ****
--- 29,60 ----
      ;;
  esac
  PATHHOST="$4"
+ 
+ # Catch an address left with a leading '-' just in case...
+ case "X$FROM" in
+     X-*) 
+         if $MAILFAILURES; then
+             ${SED} -e 's/^~/~~/' < ${ARTICLE} \
+                 | ${MAILCMD} -s "Bad FROM address" ${NEWSMASTER}
+         fi
+         cat ${ARTICLE} |
+             writelog $MOST_LOGS/badcontrol.log "`date` Bad FROM address"
+         exit
+         ;;
+ esac
+ 
+ case "X$REPLYTO" in
+     X-*)
+         if $MAILFAILURES; then
+             ${SED} -e 's/^~/~~/' < ${ARTICLE} \
+                 | ${MAILCMD} -s "Bad REPLY-TO address" ${NEWSMASTER}
+         fi
+         cat ${ARTICLE} |
+             writelog $MOST_LOGS/badcontrol.log "`date` Bad REPLY-TO
+ address"
+         exit
+         ;;
+ esac
  
  umask 002
  TEMP=${TMPDIR}/ctl$$