On 10.02.2011 22:26, Patrick Ben Koetter wrote:
> * Mark Martinec <mark.martinec...@ijs.si>:
>> On Thursday February 10 2011 21:14:59 Adam Katz wrote:
>>> Does this affect sendmail as well as postfix?  I assume so,
>>> but wanted an explicit confirmation.
>>
>> Yes, the security hole is entirely within the milter,
>> independent of the MTA.
> 
> I tried the exploit and it seems that Postfix' restrictions that check for FQDN
> address and correct recipient syntax prevent the exploit from getting through:
> 
> telnet mail.example.de 25
> 220 mail.example.de ESMTP Postfix
> HELO foo
> 250 mail.example.de
> MAIL FROM:<>
> 250 2.1.0 Ok
> RCPT TO:root+:"|touch /tmp/foo"
> 501 5.1.3 Bad recipient address syntax
> RCPT TO:<root+:"|touch /tmp/foo">
> 504 5.5.2 <root+:|touch /tmp/foo>: Recipient address rejected: need fully-qualified address
> RCPT TO:<root@localhost+:"|touch /tmp/foo">
> 501 5.1.3 Bad recipient address syntax
> QUIT
> 221 2.0.0 Bye
> 
> Can anyone confirm this?
> 
> p@rick
> 
> 
Hi Patrick, the problem was fixed last year, as far as I know.

It never worked with default Postfix settings;
also, the x switch isn't widely used.

http://savannah.nongnu.org/bugs/?29136
-- 
Best Regards

MfG Robert Schetterer

Germany/Munich/Bavaria
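
A repeatable way to check a saved SMTP session for the condition asked about above, as an added example that is not part of the original thread: it pairs each client command with the server's final reply code and lists any RCPT TO argument with shell metacharacters that got a 2xx. `THREAD_SESSION` is the session quoted in the thread; `PERMISSIVE_SESSION`, its host name and the `RISKY` character set are constructed assumptions.

```python
import re

REPLY = re.compile(r"^(\d{3})([ -])")   # SMTP reply line; '-' marks a continuation
RISKY = re.compile(r"""[|`$;&"'\\\s]""")  # assumed heuristic character set
# Session quoted in the thread (the wrapped 504 reply is joined onto one line).
THREAD_SESSION = r'''
220 mail.example.de ESMTP Postfix
HELO foo
250 mail.example.de
MAIL FROM:<>
250 2.1.0 Ok
RCPT TO:root+:"|touch /tmp/foo"
501 5.1.3 Bad recipient address syntax
RCPT TO:<root+:"|touch /tmp/foo">
504 5.5.2 <root+:|touch /tmp/foo>: Recipient address rejected: need fully-qualified address
RCPT TO:<root@localhost+:"|touch /tmp/foo">
501 5.1.3 Bad recipient address syntax
QUIT
221 2.0.0 Bye
'''
# Constructed session: a hypothetical MTA that accepts the same recipient.
PERMISSIVE_SESSION = r'''
220 mx.example.test ESMTP
MAIL FROM:<>
250 2.1.0 Ok
RCPT TO:<root+:"|touch /tmp/foo">
250 2.1.5 Ok
'''

def pair_commands(transcript):
    """Pair each client command with the code of the server's final reply line."""
    pairs, command = [], None
    for line in transcript.strip().splitlines():
        m = REPLY.match(line)
        if m is None:
            command = line.strip()          # anything that is not a reply is a command
        elif m.group(2) == " " and command is not None:
            pairs.append((command, int(m.group(1))))
            command = None
    return pairs

def accepted_risky_recipients(transcript):
    """Return RCPT TO arguments that match RISKY yet received a 2xx reply."""
    hits = []
    for command, code in pair_commands(transcript):
        m = re.match(r"RCPT TO:\s*<?(.*?)>?$", command, re.IGNORECASE)
        if m and RISKY.search(m.group(1)) and 200 <= code < 300:
            hits.append(m.group(1))
    return hits
```

An empty result for a session means every such recipient was refused at the MTA before any filter saw it.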
