[11078] in bugtraq
Re: Mail relay vulnerability in RedHat 5.0, 5.1, 5.2
daemon@ATHENA.MIT.EDU (Ollivier Robert)
Tue Jul 20 15:47:23 1999
Mail-Followup-To: BUGTRAQ@SECURITYFOCUS.COM
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Message-Id: <19990719183317.A57543@caerdonn.eurocontrol.fr>
Date: Mon, 19 Jul 1999 18:33:17 +0200
Reply-To: Ollivier Robert <roberto@EUROCONTROL.FR>
From: Ollivier Robert <roberto@EUROCONTROL.FR>
X-To: BUGTRAQ@SECURITYFOCUS.COM
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <199907161012.SAA19339@typhaon.ucs.uwa.edu.au>; from David Luyer
on Fri, Jul 16, 1999 at 06:12:54PM +0800
According to David Luyer:
> Users of sendmail 8.9.x of course have no problem, neither do those who
> have updated their mail relay prevention rulesets recently, but I think
> there are enough RedHat 5.0, 5.1 and 5.2 users who are unaware of the
> problem to make it worth sending this out.
Note that both Postfix and qmail are immune to this problem even though the
smtpd daemon answer "250" to the RCPT TO command. Due ot the architecture
of both programs, smtpd has no way to validate or not the "user" part of
the address and the mail will bounce (i.e. il will NOT be relayed).
Exim doesn't seem to be vulnerable (dixit P. Hazel in a discussion accross
postfix and exim mailing-lists).
--
Ollivier ROBERT -=- Eurocontrol EEC/TEC -=- roberto@eurocontrol.fr
The Postman hits! The Postman hits! You have new mail.
