Re: sendmail & localhost rDNS

2009-08-11 Thread Bernhard R. Link
* Lupe Christoph [090810 21:13]: > > Almost all security holes need the user to do something. (If only to > > power up the machine, to install some packages, to connect to the > > internet, to give accounts to users). The question cannot be that > > something has to be done to make people vulnerabl

Re: sendmail & localhost rDNS

2009-08-11 Thread Thomas Liske
Re, Lupe Christoph wrote: On Monday, 2009-08-10 at 14:35:06 +0200, Bernhard R. Link wrote: * Lupe Christoph [090810 13:53]: On Monday, 2009-08-10 at 13:46:38 +0200, Thomas Liske wrote: last week, there was an article on heise security about MTAs[1] which relay mails for hosts having a rev

Re: sendmail & localhost rDNS

2009-08-11 Thread Lupe Christoph
OK, I give up. And shut up. Please file a bug against the sendmail package, with the information that sendmail allows you to enter "Connect:localhost RELAY" in /etc/mail/access. And another one that "Connect:127.0.0.1 RELAY" opens up the same hole as "Connect:localhost RELAY". Since I have no se

Re: sendmail & localhost rDNS

2009-08-11 Thread Lupe Christoph
On Tuesday, 2009-08-11 at 10:32:04 +0200, Bernhard R. Link wrote: > * Lupe Christoph [090810 21:13]: > > > Almost all security holes need the user to do something. (If only to > > > power up the machine, to install some packages, to connect to the > > > internet, to give accounts to users). The que

Re: sendmail & localhost rDNS

2009-08-11 Thread Joerg Morbitzer
Lupe Christoph wrote: > OK, I give up. And shut up. > > Please file a bug against the sendmail package, with the information > that sendmail allows you to enter "Connect:localhost RELAY" in > /etc/mail/access. > > And another one that "Connect:127.0.0.1 RELAY" opens up the same hole as > "Connect

Re: sendmail & localhost rDNS

2009-08-11 Thread Bernhard R. Link
* Lupe Christoph [090811 10:56]: > > So it is in my eyes no criteria at all that the user has to change some > > configuration. The question is whether this change is supposed to cause > > the effects it does and if a user can be expected to understand the > > effects. > > Please go ahead and file

Re: sendmail & localhost rDNS

2009-08-11 Thread Michiel Klaver
If sendmail would do a double lookup verify on the reverse DNS records, there would be no problem at all. When some obscure IP address has reverse DNS pointer record "localhost" and sendmail would do another lookup to see what IP address belongs to "localhost", then it would not match (obscure IP