Bug#840837: marked as done (sendmail: GreetPause:localhost in access file has unexpected consequences)

[owner@bugs.debian.org (Debian Bug Tracking System)]

Your message dated Wed, 30 Nov 2016 19:41:15 +0000
with message-id <E1cCAkl-0005wi-68@fasolo.debian.org>
and subject line Bug#840837: fixed in sendmail 8.15.2-7
has caused the Debian Bug report #840837,
regarding sendmail: GreetPause:localhost in access file has unexpected consequences
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
840837: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=840837
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

• To: Debian Bug Tracking System <submit@bugs.debian.org>
• Subject: sendmail: GreetPause:localhost in access file has unexpected consequences
• From: Michael Grant <mgrant@grant.org>
• Date: Sat, 15 Oct 2016 08:36:12 -0400
• Message-id: <147653497244.17679.13989678113839071829.reportbug@strange.networkguild.org>

Package: sendmail
Version: 8.15.2-6
Severity: normal

Dear Maintainer,

If you put lines like this in the access file:

    GreetPause:localhost 0

This allows spammers to by-pass the greet pause by simply setting
their reverse dns (PTR record) to 'localhost'.  When this happens, I
see lines like this in the log file:

Oct  7 03:53:18 example sm-mta[9080]: NOQUEUE: connect from localhost [1.2.3.4] (may be forged)

and greetpause gets bypassed.

Simply by changing the line to use an ip address:

    GreetPause:127.0.0.1 0

causes the sendmail to properly allow only localhost (127.0.0.1) to
bypass the greetpause.

In other words, the access file did not do a dns lookup on 'localhost'
in the access file before checking for a match.

Secondly, and I think greetpause matched on the forged name rather
than the real ip address from the network connection.

-- Package-specific info:
Output of /usr/share/bug/sendmail/script:

ls -alR /etc/mail:
/etc/mail:
total 1060
drwxr-sr-x   8 smmta smmsp  4096 Oct 14 19:59 .
drwxr-xr-x 145 root  root  12288 Oct 15 07:27 ..
-rwxr-xr--   1 root  smmsp 12681 Sep 24 04:27 Makefile
-rw-r--r--   1 root  smmsp 59488 Oct 14 19:59 access
-rw-r-----   1 smmta smmsp 86016 Oct 14 19:59 access.db
-rw-r--r--   1 root  smmsp 59422 Oct 10 18:00 access.old
-rw-r--r--   1 smmta smmsp   281 Feb 11  2013 address.resolve
-rw-r--r--   1 smmta smmsp 17989 Oct  9 16:45 aliases
-rw-r--r--   1 smmta smmsp 40960 Oct  9 16:45 aliases.db
-rw-r--r--   1 root  smmsp 17877 Oct  9 16:45 aliases.old
drwxr-sr--   2 smmta smmsp  4096 Mar  4  2016 certs
-rw-r--r--   1 smmta smmsp 16675 Mar 12  2014 charm.networkguild.org.mc
-rw-r--r--   1 root  smmsp  3739 Sep 24 04:27 databases
-rw-r-----   1 smmta smmsp    56 Mar 22  2015 default-auth-info
-rw-r--r--   1 root  smmsp   235 Oct  9 16:45 genericstable
-rw-r-----   1 root  smmsp 12288 Oct  9 16:45 genericstable.db
-rw-r--r--   1 root  smmsp   235 Oct  9 16:45 genericstable.old
-rw-r--r--   1 smmta smmsp  5659 May 10  2015 helpfile
-rw-r--r--   1 smmta smmsp  1419 Oct  9 16:45 local-host-names
-rw-r--r--   1 root  smmsp  1419 Oct  9 16:45 local-host-names.old
drwxr-sr-x   2 smmta smmsp  4096 Oct 15 07:24 m4
-rw-r--r--   1 smmta smmsp   300 Oct  9 16:45 mailertable
-rw-r-----   1 root  smmsp 12288 Oct  9 16:45 mailertable.db
-rw-r--r--   1 root  smmsp   300 Oct  9 16:45 mailertable.old
drwxr-xr-x   2 smmta smmsp  4096 Sep 23 05:42 peers
-rw-r--r--   1 root  smmsp     0 Dec 25  2015 relay-domains
drwxr-xr-x   2 smmta smmsp  4096 May 20  2015 sasl
-rw-r--r--   1 root  smmsp 84657 Sep 24 04:27 sendmail.cf
-rw-r--r--   1 root  smmsp 84429 Jan 29  2016 sendmail.cf.backup-BD
-rw-r--r--   1 root  root  84748 Sep 23 05:43 sendmail.cf.old
-rw-r--r--   1 root  root  12236 Sep 23 05:43 sendmail.conf
-rw-r--r--   1 root  smmsp 10742 Sep 24 04:27 sendmail.mc
-rw-r--r--   1 root  smmsp 11061 Mar  4  2016 sendmail.mc-
-rw-r--r--   1 root  smmsp 10704 Jan 29  2016 sendmail.mc.backup-BD
-rw-r--r--   1 smmta smmsp   149 Feb 11  2013 service.switch
-rw-r--r--   1 smmta smmsp   180 Feb 11  2013 service.switch-nodns
drwxr-sr-x   2 smmta smmsp  4096 May 20  2015 smrsh
lrwxrwxrwx   1 root  root     15 Aug 29 17:14 spamassassin -> ../spamassassin
-rw-r--r--   1 root  smmsp 44696 Sep 23 05:43 submit.cf
-rw-r--r--   1 root  root  44695 Sep 23 05:43 submit.cf.old
-rw-r--r--   1 root  smmsp  2453 Sep 23 05:43 submit.mc
drwxr-xr-x   2 smmta smmsp  4096 Feb 24  2016 tls
-rw-r--r--   1 smmta smmsp     6 Jan 10  2015 trusted-users
-rw-r--r--   1 smmta smmsp 37416 Oct  9 16:45 virtusertable
-rw-r-----   1 root  smmsp 86016 Oct  9 16:45 virtusertable.db
-rw-r--r--   1 root  smmsp 37256 Oct  9 16:45 virtusertable.old

/etc/mail/certs:
total 0
d????????? ? ? ? ?            ? .
d????????? ? ? ? ?            ? ..
l????????? ? ? ? ?            ? 38d751eb.0
l????????? ? ? ? ?            ? 6e803117.0
-????????? ? ? ? ?            ? dh_2048.pem
-????????? ? ? ? ?            ? dh_4096.pem
l????????? ? ? ? ?            ? f131b364.0
-????????? ? ? ? ?            ? geotrust-ca.crt
-????????? ? ? ? ?            ? networkguild.org.crt
-????????? ? ? ? ?            ? networkguild.org.csr
-????????? ? ? ? ?            ? networkguild.org.key
-????????? ? ? ? ?            ? strange.networkguild.org.crt
-????????? ? ? ? ?            ? strange.networkguild.org.csr
-????????? ? ? ? ?            ? strange.networkguild.org.key
-????????? ? ? ? ?            ? sub.class1.server.ca.pem

/etc/mail/m4:
total 12
drwxr-sr-x 2 smmta smmsp 4096 Oct 15 07:24 .
drwxr-sr-x 8 smmta smmsp 4096 Oct 14 19:59 ..
-rw-r--r-- 1 root  root   789 Jul  3  2014 clamav-milter.m4
-rw-r----- 1 root  smmsp    0 Mar 12  2014 dialup.m4
-rw-r----- 1 root  smmsp    0 Mar 12  2014 provider.m4

/etc/mail/peers:
total 12
drwxr-xr-x 2 smmta smmsp 4096 Sep 23 05:42 .
drwxr-sr-x 8 smmta smmsp 4096 Oct 14 19:59 ..
-rw-r--r-- 1 root  root   328 Feb 11  2013 provider

/etc/mail/sasl:
total 16
drwxr-xr-x 2 smmta smmsp 4096 May 20  2015 .
drwxr-sr-x 8 smmta smmsp 4096 Oct 14 19:59 ..
-rw-r----- 1 smmta smmsp  885 May 20  2015 Sendmail.conf.2
-rwxr--r-- 1 root  root  3689 Sep 23 05:43 sasl.m4

/etc/mail/smrsh:
total 8
drwxr-sr-x 2 smmta smmsp 4096 May 20  2015 .
drwxr-sr-x 8 smmta smmsp 4096 Oct 14 19:59 ..
lrwxrwxrwx 1 root  smmsp   26 May 20  2015 mail.local -> /usr/lib/sm.bin/mail.local
lrwxrwxrwx 1 root  smmsp   17 May 20  2015 procmail -> /usr/bin/procmail

/etc/mail/tls:
total 48
drwxr-xr-x 2 smmta smmsp 4096 Feb 24  2016 .
drwxr-sr-x 8 smmta smmsp 4096 Oct 14 19:59 ..
-rw-r--r-- 1 root  root     7 May 20  2015 no_prompt
-rw------- 1 root  root  1191 May 20  2015 sendmail-client.cfg
lrwxrwxrwx 1 root  root    45 Aug  4  2015 sendmail-client.crt
-rw------- 1 root  root  1005 May 20  2015 sendmail-client.csr
lrwxrwxrwx 1 root  root    45 Aug  4  2015 sendmail-common.key
-rw-r----- 1 root  smmsp 1598 May 20  2015 sendmail-common.prm
-rw------- 1 root  root  1191 May 20  2015 sendmail-server.cfg
lrwxrwxrwx 1 root  root    45 Aug  4  2015 sendmail-server.crt
-rw------- 1 root  root  1005 May 20  2015 sendmail-server.csr
-rwxr--r-- 1 root  root  3264 Sep 23 05:43 starttls.m4

sendmail.conf:
DAEMON_NETMODE="Static";
DAEMON_NETIF="eth0";
DAEMON_MODE="Daemon";
DAEMON_PARMS="";
DAEMON_HOSTSTATS="No";
DAEMON_MAILSTATS="No";
QUEUE_MODE="${DAEMON_MODE}";
QUEUE_INTERVAL="10m";
QUEUE_PARMS="";
MSP_MODE="Cron";
MSP_INTERVAL="20m";
MSP_PARMS="";
MSP_MAILSTATS="${DAEMON_MAILSTATS}";
MISC_PARMS="";
CRON_MAILTO="root";
CRON_PARMS="";
LOG_CMDS="No";
HANDS_OFF="No";
AGE_DATA="";
DAEMON_RUNASUSER="No";
DAEMON_STATS="${DAEMON_MAILSTATS}";
MSP_STATS="${MSP_MAILSTATS}";


sendmail.mc:
divert(-1)dnl
divert(0)dnl
include(`/usr/share/sendmail/cf/m4/cf.m4')dnl
VERSIONID(`$Id: sendmail.mc, v 8.14.4-4 2013-02-11 11:12:33 cowboy Exp $')
OSTYPE(`debian')
define(`_USE_ETC_MAIL_')dnl
DOMAIN(`debian-mta')dnl
undefine(`confHOST_STATUS_DIRECTORY')dnl        #DAEMON_HOSTSTATS=
FEATURE(`no_default_msa')dnl
DAEMON_OPTIONS(`Name=MTA, Port=smtp')dnl
DAEMON_OPTIONS(`Name=MSP, Port=submission, M=Ea')dnl
define(`confLOG_LEVEL', `12')dnl
include(`/etc/mail/tls/starttls.m4')dnl
include(`/etc/mail/sasl/sasl.m4')dnl
define(`confAUTH_OPTIONS', `A,p,y')dnl
define(`confDH_PARAMETERS',`/etc/mail/certs/dh_2048.pem')
define(`confPRIVACY_FLAGS',dnl
`needmailhelo,needexpnhelo,needvrfyhelo,restrictqrun,restrictexpand,nobodyreturn,authwarnings')dnl
define(`confCONNECTION_RATE_THROTTLE', `3')dnl
define(`confCONNECTION_RATE_WINDOW_SIZE',`60s')dnl
define(`confBAD_RCPT_THROTTLE',`3')dnl
define(`confMAX_DAEMON_CHILDREN', `100')dnl
define(`confTO_IDENT', `0')dnl
define(`confTO_COMMAND', `2m')dnl
define(`confTO_ICONNECT', `15s')dnl
define(`confTO_CONNECT', `3m')dnl
define(`confTO_HELO', `2m')dnl
define(`confTO_MAIL', `1m')dnl
define(`confTO_RCPT', `1m')dnl
define(`confTO_DATAINIT', `1m')dnl
define(`confTO_DATABLOCK', `10m')dnl
define(`confTO_DATAFINAL', `10m')dnl
define(`confTO_RSET', `1m')dnl
define(`confTO_QUIT', `1m')dnl
define(`confTO_MISC', `1m')dnl
define(`confTO_COMMAND', `1m')dnl
define(`confTO_STARTTLS', `2m')dnl
FEATURE(`delay_checks', `friend', `n')dnl
FEATURE(`block_bad_helo')
FEATURE(`badmx')
FEATURE(`use_cw_file')dnl
define(`confCW_FILE', `-o /etc/mail/local-host-names')
FEATURE(mailertable, `hash -o /etc/mail/mailertable')
FEATURE(access_db, `hash -o -T<TMPF> /etc/mail/access', `relaytofulladdress')
FEATURE(virtusertable, `hash -o /etc/mail/virtusertable')
FEATURE(blacklist_recipients)
FEATURE(`greet_pause', `12000')dnl used to be 5 seconds, upped to 12 seconds in June 2015 per
FEATURE(`conncontrol', `nodelay', `terminate')dnl
FEATURE(`ratecontrol', `nodelay', `terminate')dnl
FEATURE(local_lmtp)
FEATURE(local_procmail)
FEATURE(`genericstable')dnl
GENERICS_DOMAIN(`example.com')dnl
FEATURE(`always_add_domain')dnl
FEATURE(`masquerade_envelope')dnl
FEATURE(`nocanonify', `canonify_hosts')
define(`confMILTER_MACROS_CONNECT',`t, b, j, _, {daemon_name}, {if_name}, {if_addr}, {auth_type}')dnl
define(`confMILTER_MACROS_HELO',`s, {tls_version}, {cipher}, {cipher_bits}, {cert_subject}, {cert_issuer}, {auth_type}')dnl
define(`confMILTER_MACROS_ENVFROM', `i, {auth_authen}')
define(`confMILTER_MACROS_ENVRCPT',`r, v, Z, {auth_type}, {greylist}')dnl
INPUT_MAIL_FILTER(`clamav', `S=local:/var/run/clamav/clamav-milter.ctl, F=, T=S:4m;R:4m')dnl
INPUT_MAIL_FILTER(`spamassassin', `S=local:/var/run/spamass/spamass.sock, F=, T=S:4m;R:4m;E:10m')dnl
INPUT_MAIL_FILTER(`greylist',`S=local:/var/run/milter-greylist/milter-greylist.sock, F=, T=S:1m;R:1m')dnl
FEATURE(dnswl, `list.dnswl.org')
FEATURE(dnswl, `accredit.habeas.com')
FEATURE(dnswl, `query.bondedsender.org')
FEATURE(dnswl, `whitelist.surriel.com')
FEATURE(dnswl, `dnswl.inps.de')
FEATURE(dnsbl, `b.barracudacentral.org', `"550 Mail from " $&{client_addr} " BLOCKED/BRBL -- see http://www.barracudacentral.org/lookups/ip-reputation?ip="; $&{client_addr}')
FEATURE(dnsbl, `zen.spamhaus.org', `"550 Mail from " $&{client_addr} " BLOCKED/ZEN -- see http://www.spamhaus.org/query/ip/"; $&{client_addr}')
FEATURE(rhsbl, `dbl.spamhaus.org',`"550 Mail from domain " $`'&{RHS} " BLOCKED/DBL -- see http://www.spamhaus.org/query/domain/"; $`'&{RHS}')
FEATURE(dnsbl, `inv-sip.localhost', `"550 Mail from " $&{client_addr} " BLOCKED/INVSIP -- see http://dnsbl.invaluement.com/lookup/?item="; $&{client_addr}')
FEATURE(dnsbl, `inv-sip24.localhost', `"550 Mail from " $&{client_addr} " BLOCKED/INVSIP24 -- see http://dnsbl.invaluement.com/lookup/?item="; $&{client_addr}')
FEATURE(rhsbl, `inv-uri.localhost',`"550 Mail from domain " $`'&{RHS} " BLOCKED/INVURI -- see http://dnsbl.invaluement.com/lookup/?item="; $`'&{RHS}')
FEATURE(dnsbl, `rbl-r.localhost', `"550 Mail from " $&{client_addr} " BLOCKED/RBL+ -- see http://www.mail-abuse.com/cgi-bin/lookup?ip_address="; $&{client_addr}')
FEATURE(dnsbl, `spam.dnsbl.anonmails.de', `"550 Mail from " $&{client_addr} " BLOCKED/ANDE -- see http://anonmails.de/dnsbl.php?ip="; $&{client_addr}')
FEATURE(dnsbl, `rbl-q.localhost', `"450 Mail from " $&{client_addr} " BLOCKED/QIL -- see http://www.mail-abuse.com/cgi-bin/lookup?ip_address="; $&{client_addr}')
MAILER_DEFINITIONS
MAILER(procmail)
MAILER(`smtp')dnl

submit.mc...
divert(-1)dnl
divert(0)dnl
define(`_USE_ETC_MAIL_')dnl
include(`/usr/share/sendmail/cf/m4/cf.m4')dnl
VERSIONID(`$Id: submit.mc, v 8.14.8-1 2014-10-03 13:06:30 cowboy Exp $')
OSTYPE(`debian')dnl
DOMAIN(`debian-msp')dnl
define(`confDIRECT_SUBMISSION_MODIFIERS', `C')dnl
FEATURE(`msp', `[127.0.0.1]', `25')dnl


-- System Information:
Debian Release: stretch/sid
  APT prefers testing
  APT policy: (750, 'testing'), (50, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 4.5.5-x86_64-linode69 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages sendmail depends on:
ii  sendmail-base  8.15.2-6
ii  sendmail-bin   8.15.2-6
ii  sendmail-cf    8.15.2-6
ii  sensible-mda   8.15.2-6

sendmail recommends no packages.

Versions of packages sendmail suggests:
pn  rmail         <none>
pn  sendmail-doc  <none>

Versions of packages sensible-mda depends on:
ii  libc6                                2.24-3
ii  procmail                             3.22-25
ii  sendmail-bin [mail-transport-agent]  8.15.2-6

Versions of packages libmilter1.0.1 depends on:
ii  libc6  2.24-3

Versions of packages sendmail-bin depends on:
ii  debconf        1.5.59
ii  libc6          2.24-3
ii  libdb5.3       5.3.28-12
ii  libldap-2.4-2  2.4.42+dfsg-2+b3
ii  liblockfile1   1.09-6
ii  libsasl2-2     2.1.26.dfsg1-15
ii  libssl1.0.2    1.0.2j-1
ii  libwrap0       7.6.q-25
ii  procps         2:3.3.12-2
ii  sendmail-base  8.15.2-6
ii  sendmail-cf    8.15.2-6

Versions of packages sendmail-bin suggests:
ii  libsasl2-modules  2.1.26.dfsg1-15
ii  openssl           1.0.2j-1
ii  sasl2-bin         2.1.26.dfsg1-15
pn  sendmail-doc      <none>

-- no debconf information

--- End Message ---

--- Begin Message ---

• To: 840837-close@bugs.debian.org
• Subject: Bug#840837: fixed in sendmail 8.15.2-7
• From: Andreas Beckmann <anbe@debian.org>
• Date: Wed, 30 Nov 2016 19:41:15 +0000
• Message-id: <E1cCAkl-0005wi-68@fasolo.debian.org>

Source: sendmail
Source-Version: 8.15.2-7

We believe that the bug you reported is fixed in the latest version of
sendmail, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 840837@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Andreas Beckmann <anbe@debian.org> (supplier of updated sendmail package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Wed, 30 Nov 2016 12:32:49 +0100
Source: sendmail
Binary: sendmail-bin rmail sensible-mda libmilter1.0.1 libmilter-dev sendmail-doc sendmail sendmail-base sendmail-cf
Architecture: source
Version: 8.15.2-7
Distribution: unstable
Urgency: medium
Maintainer: Debian QA Group <packages@qa.debian.org>
Changed-By: Andreas Beckmann <anbe@debian.org>
Description:
 libmilter-dev - Sendmail Mail Filter API (Milter) (development files)
 libmilter1.0.1 - Sendmail Mail Filter API (Milter)
 rmail      - MTA->UUCP remote mail handler
 sendmail   - powerful, efficient, and scalable Mail Transport Agent (metapacka
 sendmail-base - powerful, efficient, and scalable Mail Transport Agent (arch inde
 sendmail-bin - powerful, efficient, and scalable Mail Transport Agent
 sendmail-cf - powerful, efficient, and scalable Mail Transport Agent (config ma
 sendmail-doc - powerful, efficient, and scalable Mail Transport Agent (documenta
 sensible-mda - Mail Delivery Agent wrapper
Closes: 840837 841257 843682
Changes:
 sendmail (8.15.2-7) unstable; urgency=medium
 .
   * QA upload.
   * Fix openssl argument order.  (Closes: #843682)
   * sendmail-bin: Add missing Depends: lsb-base.
   * Stop using dh_buildinfo in favor of dpkg-buildinfo.
   * Enable more hardening flags.
   * debian/examples/db/access: Comment out localhost entries, may be forged.
     (Closes: #840837)
   * Only touch files as smmsp:smmsp in /var/run/sendmail/stampdir (writable by
     group smmsp) to avoid possible privilege escalation.  (Closes: #841257)
Checksums-Sha1:
 6797e584e083de8c29518b33e71193cce0f71f6f 2522 sendmail_8.15.2-7.dsc
 77c866ff57a0c3f06b7021cc257db1662166bfcc 406764 sendmail_8.15.2-7.debian.tar.xz
Checksums-Sha256:
 fc58d44f3e7c0ae863d6b0cef33080cc5455d8c42aca1dbc5f7fb00a58e46429 2522 sendmail_8.15.2-7.dsc
 b0506ba4b2e55de2c4ac2e5b64ae0659fdc1ad781f3be6111eec6f50e4294fdc 406764 sendmail_8.15.2-7.debian.tar.xz
Files:
 9fb79c6cfb122920429619b7055978e5 2522 mail extra sendmail_8.15.2-7.dsc
 d6eaa8111c7fa4ff5a4e64ef6a0d4dbd 406764 mail extra sendmail_8.15.2-7.debian.tar.xz

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJYPr+WAAoJEF+zP5NZ6e0I0moQAJCnkejDRxLtziHp5D1vgy3V
DkHiBv8hqqN7DmkCAf7AjbyloyhLAyE/t2PAM3+knyAoL6ZCkWAgdXo/0/kSGjph
n7Je7TfebbbaB6odUVkThbEgLF5j1aetzz5sAt9N010Wk0Y2MzTYvK66igqX5X1D
YZyzK3g64BRDSReJDCFZ5VArvcbMII03VEKovfFr2W7Urg9+h8NHGA5eYYGkc7/c
CrdOTjLez/rpm+rQRyCJWQIZN10XP8RUt+o6llievNCC4mib/0nIn4tNp0b75g5H
3LzW0pXaWbwWt4+Mk6B+fWNpD6zFTVLB3AG2wCjOTbvkhoAIjX4cDYKTGNxrEPet
EjZgn7INBQXRjCF5ExbOJGxJehaJcLD8Ce/xzyIvcRCsM9HbIZ3Y1Lq3dPcRnXay
BV1o/kLbaNzuuHnR2knEMt+CxPCgwNRmcMMCSyzggKJbZK2dppZgX/sk/Bcr2qQ9
BMXFJmZ1NSU+RHfMX3qobsdgguvk6XDusgtLa/E44VJ8g2ICxEz5pbHtDW47Lymt
gkgD+VpS17QQoY2EQk5fmhA8Y02dd44mjfUoCKs7un1rpRQkqCLbEMDXl/Dyh8k2
6rM+Uhl/sXbRSZh/RoReIK7C20wy9+E94XtI5vbyTRBSmwXZMWuJnDyJ9ZjD2dNf
Ng917IsHThQta3UG2Uoi
=LbHI
-----END PGP SIGNATURE-----

--- End Message ---