3/ One pleasant consequence of my design is that I can respond to STARTTLS by simply killing qmail-smtpd (my child process) and starting a fresh one. So that's what my code does, and this almost certainly explains why it's not vulnerable even though I'm often a bit of a doofus.

---

original post: https://octodon.social/@schmonz/106735049818143673