According to David Luyer: > Users of sendmail 8.9.x of course have no problem, neither do those who > have updated their mail relay prevention rulesets recently, but I think > there are enough RedHat 5.0, 5.1 and 5.2 users who are unaware of the > problem to make it worth sending this out. Note that both Postfix and qmail are immune to this problem even though the smtpd daemon answer "250" to the RCPT TO command. Due ot the architecture of both programs, smtpd has no way to validate or not the "user" part of the address and the mail will bounce (i.e. il will NOT be relayed). Exim doesn't seem to be vulnerable (dixit P. Hazel in a discussion accross postfix and exim mailing-lists). -- Ollivier ROBERT -=- Eurocontrol EEC/TEC -=- robertoat_private The Postman hits! The Postman hits! You have new mail.
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:52:45 PDT