Re: Mail relay vulnerability in RedHat 5.0, 5.1, 5.2

From: Ollivier Robert (robertoat_private)
Date: Mon Jul 19 1999 - 09:33:17 PDT

Next message: Jim Hebert: "Re: AMaViS virus scanner for Linux - root exploit"

Previous message: Nobuo Miwa: "IIS respond private address"
Maybe in reply to: David Luyer: "Mail relay vulnerability in RedHat 5.0, 5.1, 5.2"
Next in thread: Matt Dunn: "Re: Mail relay vulnerability in RedHat 5.0, 5.1, 5.2"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

According to David Luyer:
> Users of sendmail 8.9.x of course have no problem, neither do those who
> have updated their mail relay prevention rulesets recently, but I think
> there are enough RedHat 5.0, 5.1 and 5.2 users who are unaware of the
> problem to make it worth sending this out.

Note that both Postfix and qmail are immune to this problem even though the
smtpd daemon answer "250" to the RCPT TO command. Due ot the architecture
of both programs, smtpd has no way to validate or not the "user" part of
the address and the mail will bounce (i.e. il will NOT be relayed).

Exim doesn't seem to be vulnerable (dixit P. Hazel in a discussion accross
postfix and exim mailing-lists).
--
Ollivier ROBERT -=- Eurocontrol EEC/TEC -=- robertoat_private
The Postman hits! The Postman hits! You have new mail.

Next message: Jim Hebert: "Re: AMaViS virus scanner for Linux - root exploit"
Previous message: Nobuo Miwa: "IIS respond private address"
Maybe in reply to: David Luyer: "Mail relay vulnerability in RedHat 5.0, 5.1, 5.2"
Next in thread: Matt Dunn: "Re: Mail relay vulnerability in RedHat 5.0, 5.1, 5.2"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:52:45 PDT