[9115] in bugtraq
Re: Sendmail 8.8.x/8.9.x bugware
daemon@ATHENA.MIT.EDU (Brock Rozen)
Tue Jan 19 13:28:38 1999
Date: Mon, 18 Jan 1999 23:10:23 +0200
Reply-To: Brock Rozen <brozen@torah.org>
From: Brock Rozen <brozen@TORAH.ORG>
X-To: Michal Zalewski <lcamtuf@IDS.PL>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <Pine.LNX.4.05.9901181758440.5243-100000@dione.ids.pl>
On Mon, 18 Jan 1999, Michal Zalewski wrote:
> > 550 <rhialto@hacker.some.place.else@victim.some.where>... Relaying denied
>
> As you noticed, relaying is denied in your configuration ;P This attack is
> possible if relaying is enabled, and it allows multiple redirections
> trough protected or external networks, which shouldn't be allowed.
Is stuff like <nobody%example.com@victim.some.where> allowed through?
--
Brock Rozen brozen@torah.org
Director of Technical Services (410)358-9800
Project Genesis http://www.torah.org/
