Matt Dunn wrote: > > Actually, the default install of 8.9.3 does NOT in and of itself fix this > problem. I'm looking into the rulesets that will specifically handle this. The vulnerable rules seem to be the ones from Claus Aussman and many derived from them, including a set of rules I wrote by myself. I fixed them by replacing the part which checks for a local recipient with the more complex set from RedHat 6.0 that appears to take care of dequoting the recipient address. I hope this could be of help for users of home-made rules. # remove local part, maybe repeatedly R$*<@$=w.>$* $>3 $1 $3 # If you want to use RelayTo uncomment the following line R$*<@$*$={RelayTo}.>$* $>3 $1 $4 R$*<@$+>$* $#error $@ 5.7.1 $: "571 Relay denied" --------------------Replace with: # remove local part, maybe repeatedly R$+ $:$>removelocal $1 # still something left? R$*<@$+>$* $#error $@ 5.7.1 $: "571 Relay denied" Sremovelocal # remove RelayTo part (maybe repeatedly) R$*<@$*$={RelayTo}.>$* $>3 $1 $4 R$*<@$=w.>$* $: $>removelocal $>3 $1 $3 R$*<@$*>$* $@ $1<@$2>$3 # dequote local part R$- $: $>3 $(dequote $1 $) R$*<@$*>$* $: $>removelocal $1<@$2>$3 Bye! -- Daniele ------------------------------------------------------------------------------- Daniele Orlandi - Utility Line Italia Via Mezzera 29/A - 20030 - Seveso (MI) - Italy -------------------------------------------------------------------------------
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:53:19 PDT