Re: sendmail & localhost rDNS
On Monday, 2009-08-10 at 13:46:38 +0200, Thomas Liske wrote:
> last week, there was an article on heise security about MTAs[1] which
> relay mails for hosts having a reverse resolution of 'localhost'. Doing
> a small test shows that sendmail on etch seems to be vulnerable, too. I
> need to have a localhost RELAY line in my access file (which is not
> default AFAIK).
> Will there be a DSA on this issue, since it seems to turn Sendmail
> installations with allowed localhost RELAYing into Open Relays?
Are you saying you want a DSA for a package that does not have that
particular vulnerability, but allows a user to create it?
"Doctor, it hurts when I do this!" "Don't do it, then."
Lupe Christoph
--
| There is no substitute for bad design except worse design. |
| /me |
Reply to: