On Mon, 2010-03-08 at 20:44 +, Ned Slider wrote:
> Brian wrote:
> >> That's Postfix 2.3.3 on RHEL5 BTW :-)
> >>
> >> $ rpm -q postfix
> >> postfix-2.3.3-2.1.el5_2.x86_64
> >>
> > Tell me Ned, how do you get Postfix (2.3.3 on RHEL5) to reject at SMTP
> > time without using a the milter or someth
Ned Slider wrote:
Brian wrote:
That's Postfix 2.3.3 on RHEL5 BTW :-)
$ rpm -q postfix
postfix-2.3.3-2.1.el5_2.x86_64
Tell me Ned, how do you get Postfix (2.3.3 on RHEL5) to reject at SMTP
time without using a the milter or something hideous like
Amavis-crashalot? Perhaps if they added some fe
Brian wrote:
That's Postfix 2.3.3 on RHEL5 BTW :-)
$ rpm -q postfix
postfix-2.3.3-2.1.el5_2.x86_64
Tell me Ned, how do you get Postfix (2.3.3 on RHEL5) to reject at SMTP
time without using a the milter or something hideous like
Amavis-crashalot? Perhaps if they added some features to that old
Brian wrote:
On Mon, 2010-03-08 at 20:16 +, Ned Slider wrote:
Brian wrote:
On Mon, 2010-03-08 at 14:08 -0500, Michael Scheidell wrote:
just a heads up: I don't know if there is a problem with SA milter, but
there is a snort signature for it now.
Original Message
Subje
> That's Postfix 2.3.3 on RHEL5 BTW :-)
>
> $ rpm -q postfix
> postfix-2.3.3-2.1.el5_2.x86_64
>
Tell me Ned, how do you get Postfix (2.3.3 on RHEL5) to reject at SMTP
time without using a the milter or something hideous like
Amavis-crashalot? Perhaps if they added some features to that old
dinosa
On Mon, 2010-03-08 at 20:16 +, Ned Slider wrote:
> Brian wrote:
> > On Mon, 2010-03-08 at 14:08 -0500, Michael Scheidell wrote:
> >> just a heads up: I don't know if there is a problem with SA milter, but
> >> there is a snort signature for it now.
> >>
> >>
> >> Original Message ---
Ned Slider wrote:
Brian wrote:
The key is this:
"If spamass-milter is run with the expand flag (-x option) it runs a
popen() including the attacker supplied recipient (RCPT TO)."
POC IS
$ nc localhost 25
220 ownthabox ESMTP Postfix (Ubuntu)
mail from: me () me com
250 2.1.0 Ok
rcpt to: root+
Brian wrote:
On Mon, 2010-03-08 at 14:08 -0500, Michael Scheidell wrote:
just a heads up: I don't know if there is a problem with SA milter, but
there is a snort signature for it now.
Original Message
Subject: [Emerging-Sigs] SIG: SpamAssassin Milter Plugin Remote
Arbitra
On Mon, 2010-03-08 at 14:08 -0500, Michael Scheidell wrote:
> just a heads up: I don't know if there is a problem with SA milter, but
> there is a snort signature for it now.
>
>
> Original Message
> Subject: [Emerging-Sigs] SIG: SpamAssassin Milter Plugin Remote
> Arbit
just a heads up: I don't know if there is a problem with SA milter, but
there is a snort signature for it now.
Original Message
Subject: [Emerging-Sigs] SIG: SpamAssassin Milter Plugin Remote
Arbitrary Command Injection Attempt
Date: Mon, 8 Mar 2010 13:03:52 +
From:
10 matches
Mail list logo