[3712] in bugtraq
Re: A security issue of a different kind.
daemon@ATHENA.MIT.EDU (Alan Brown)
Fri Nov 29 13:22:23 1996
Date: Sat, 30 Nov 1996 06:14:00 +1300
Reply-To: Alan Brown <alan@manawatu.gen.nz>
From: Alan Brown <alan@manawatu.gen.nz>
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@netspace.org>
In-Reply-To: <Pine.SUN.3.90.961130041018.3030i-100000@papaioea.manawatu.gen.nz>
The anti mail-relaying stuff is discussed on page 194 of the sendmail
book ("refuse to act as a mail gateway").
I was mailed this fragment about 2 months back when discussing bad
domains. The delay was getting a chance to ask permission to repost it.
Here's the patch (to your sendmail.mc):
---
# added by Josh@actrix.gen.nz
# mail from the domains in /local/lib/mail/banned-domains.txt will berefused
FK /local/lib/mail/banned-domains.txt
R$* < @$*$=K . > $* $#error $@ 5.7.1 $: "This domain isbanned."
R$* < @$*$=K > $* $#error $@ 5.7.1 $: "This domain isbanned."
---
Also this:
I found it someplace off www.harker.com - they're pretty good for sendmail
generall.
----
Finally: I _STRONGLY_ recommend anyone running sendmail sets the privacy
options as follows in sendmail.cf
8.8.x (Linux flavour)
O PrivacyOptions=goaway,restrictmailq,restrictqrun
8.6.x (yes, bad enough in itself)
Op goaway,restrictmailq,restrictqrun
I've seen several spam sites try to walk my userlist via the smtp port,
which is why I removed vrfy/expn. They're not needed and can give away
far too much information.
BTW, I've had in excess of 100 items from earthstar.com and isp-inter.net
in the last week. The latest is from earthstar's management, advertising
themselves as a spam haven. Complaints to Sprint so far have been
ignored. (Sprint provide their connectivity.)
AB
