[21387] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: poprelayd and sendmail relay authentication problem (Cobalt

daemon@ATHENA.MIT.EDU (Christopher X. Candreva)
Sat Jul 7 15:58:40 2001

Date: Fri, 6 Jul 2001 16:04:16 -0400 (EDT)
From: "Christopher X. Candreva" <chris@westnet.com>
To: <bugtraq@securityfocus.com>
In-Reply-To: <Pine.SOL.4.21.0107060949040.20706-100000@fractal.cimat.mx>
Message-ID: <Pine.GSO.4.33.0107061602211.16143-100000@westnet>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII

On Fri, 6 Jul 2001, Ram'on Reyes Carri'on wrote:

> A quick workaround that I have just applied is to make sure that the
> string does not contain /sendmail/ so it cannot be injected into syslog
> via sendmail (may be injected some other way!).

Another workaround is to simply have your POP/IMAP daemons log to their own
facility (ie -- one of the locals). We've done this for years anyway, as it
makes using the logs to find problems much easier.


==========================================================
Chris Candreva  -- chris@westnet.com -- (914) 967-7816
WestNet Internet Services of Westchester
http://www.westnet.com/


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[21387] in bugtraq

Re: poprelayd and sendmail relay authentication problem (Cobalt

daemon@ATHENA.MIT.EDU (Christopher X. Candreva)Sat Jul 7 15:58:40 2001

daemon@ATHENA.MIT.EDU (Christopher X. Candreva)
Sat Jul 7 15:58:40 2001