Bugtraq mailing list archives
Re: Mail relay vulnerability in RedHat 5.0, 5.1, 5.2
From: callison () OU EDU (Callison, James P)
Date: Mon, 26 Jul 1999 16:05:20 -0500
The sendmail.cf that comes with RedHat 5.x (sendmail 8.8.7) doesn't work against the open relay problem, although it does contain most of the rules needed to do so. The way I got around it was to cut out the Scheck_rcpt and Sremove_local stuff in sendmail.cf and replace them with similar rulesets I found at http://www.sendmail.org/~ca/email/check.html#check_rcpt . The Scheck_rcpt and Sremovelocal sections listed here will stop all of the (currently) known relaying methods. I originally tried editing the existing sendmail.cf sections, but that didn't work (I must've screwed somthing up, 'cause it started relaying *everything*), so I eventually cut out both existing sections and pasted in the sections on said Web page. Once I did the cut-n-paste thing, I got my machine out of the ORBS (http://www.orbs.com) database. If it doesn't stop all unauthorized relaying, it at least blocks enough that ORBS can't relay through it. James James P. Callison Network Administrator The University of Oklahoma Law Center callison () ou edu Dumb things don't happen by accident. It takes a highly skilled village of idiots. -- AutoWeek, 29 Dec 1997 -----Original Message----- From: Matt Dunn [mailto:matt () ELECTROCENTRIC COM] Sent: Thursday, July 22, 1999 2:43 PM To: BUGTRAQ () SECURITYFOCUS COM Subject: Re: Mail relay vulnerability in RedHat 5.0, 5.1, 5.2
Users of sendmail 8.9.x of course have no problem, neither do those who
have
updated their mail relay prevention rulesets recently, but I think there
are
enough RedHat 5.0, 5.1 and 5.2 users who are unaware of the problem to make
it
worth sending this out.
Actually, the default install of 8.9.3 does NOT in and of itself fix this problem. I'm looking into the rulesets that will specifically handle this. -Matt
Current thread:
- Re: Mail relay vulnerability in RedHat 5.0, 5.1, 5.2 Callison, James P (Jul 26)