Bugtraq mailing list archives

rzsz emails usage stats without user consent


From: kris () HUB FREEBSD ORG (Kris Kennaway)
Date: Sat, 29 Jan 2000 16:14:13 -0800


Recent versions of the (shareware) UNIX rzsz package from Omen Software,
available from ftp://ftp.cs.pdx.edu/pub/zmodem/, contain the "feature"
that if your version is unregistered, it will send mail to rzsz () omen com
each time you upload and download using the software - rz.c and sz.c
contain the following code:

#ifndef REGISTERED
        /* Removing or disabling this code without registering is theft */
        if ((Totfiles > 0) && (!Usevhdrs)) {
                sprintf(endmsg, "echo Unreg %s %s %ld %ld | mail rzsz () omen com",
                  Progname, VERSION, Totfiles, Totbytes );
                system(endmsg);
                canit();
                sleep(4);
                fprintf(stderr, "\n\n\n**** UNREGISTERED COPY *****\r\n");
                fprintf(stderr, "Please read the License Agreement in rz.doc\r\n");
                fflush(stderr);
        }
#endif

This change was detected because the FreeBSD ports system uses an MD5
checksum to verify the integrity of downloaded software - the rzsz.zip
file has a habit of changing regularly, and after one such change this
addition was discovered.

Thanks to Marcin Cieslak <saper () system pl> for identifying this problem.
The rzsz port has since been removed from the FreeBSD ports collection :-)

Kris Kennaway

----
"How many roads must a man walk down, before you call him a man?"
"Eight!"
"That was a rhetorical question!"
"Oh..then, seven!" -- Homer Simpson
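
The checksum check described in the post, as an added example that is not part of the original message or of the FreeBSD ports code: it verifies a fetched distfile against a pinned digest and, on a mismatch, lists which archive members differ from the last reviewed copy. It uses SHA-256 where the post describes MD5; the function names and the sample archives are constructed for illustration.

```python
import hashlib
import hmac
import io
import zipfile

def digest(data: bytes) -> str:
    # SHA-256 here; the post describes an MD5 checksum.
    return hashlib.sha256(data).hexdigest()

def member_digests(zip_bytes: bytes) -> dict:
    """Map each file in the archive to the digest of its contents."""
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        return {i.filename: digest(zf.read(i))
                for i in zf.infolist() if not i.is_dir()}

def check_distfile(fetched: bytes, pinned: str, last_good: bytes = None):
    """Return (ok, changes). On mismatch, changes lists what differs from last_good."""
    if hmac.compare_digest(digest(fetched), pinned):
        return True, {}
    if last_good is None:
        return False, {}  # mismatch, but no reviewed copy to compare against
    old, new = member_digests(last_good), member_digests(fetched)
    return False, {
        "added": sorted(new.keys() - old.keys()),
        "removed": sorted(old.keys() - new.keys()),
        "modified": sorted(n for n in old.keys() & new.keys() if old[n] != new[n]),
    }

def make_zip(files: dict) -> bytes:
    """Build an in-memory zip (constructed sample data only)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, body in files.items():
            zf.writestr(name, body)
    return buf.getvalue()

# Constructed stand-ins for two releases published under the same file name.
OLD = make_zip({"rz.c": "/* v1 */\n", "sz.c": "/* v1 */\n", "rz.doc": "license\n"})
NEW = make_zip({"rz.c": "/* v1 + new block */\n", "sz.c": "/* v1 + new block */\n",
                "rz.doc": "license\n"})
PINNED = digest(OLD)  # digest recorded when the port was last reviewed

if __name__ == "__main__":
    print(check_distfile(OLD, PINNED, OLD))   # matches the pinned digest
    print(check_distfile(NEW, PINNED, OLD))   # mismatch: rz.c and sz.c to review
```

The member list only says where to look; the changed files still need a source diff and review before the pinned digest is updated.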


