potential security hole(s) in 1.71

Author: T. William Wells
Date:  
To: exim-users
Subject: potential security hole(s) in 1.71
I was checking out the HELO verification code and noted two
problems:

     1) exim believes gethostbyaddr. Nonetheless, it is entirely
    possible to spoof one's reverse address records.


     2) exim copies, using strcpy, the results of gethostbyaddr,
    in at least one place. An immediate attack method is to
    create a long HELO line and a tailored DNS record to
    create overruns.


--
* This is sent by the exim-users mailing list.  To unsubscribe send a
    mail with subject "unsubscribe" to exim-users-request@???
* Exim information can be found at http://www.exim.org/
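
The two points in the message above, seen from the defensive side, as an added example (not code from Exim or from the original post): a bounded copy that rejects an oversized or malformed resolver-supplied name instead of passing it to strcpy, and a forward-confirmation check that believes a reverse (PTR) name only if its own forward lookup lists the peer's address. The names `copy_dns_name`, `forward_confirms` and `host_char` are hypothetical, and the caller is assumed to supply `fwd` from a forward lookup of the PTR name.

```c
#include <netdb.h>
#include <netinet/in.h>
#include <string.h>
#include <sys/socket.h>

#define HOSTNAME_MAX 255 /* longest DNS name in text form */

static int host_char(unsigned char c)
{
    return (c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z') ||
           (c >= '0' && c <= '9') || c == '-' || c == '.';
}

/* Bounded replacement for strcpy() on a resolver-supplied name. Rejects
   (never truncates) names that are empty, do not fit in dst, or contain
   bytes outside [A-Za-z0-9.-]. Returns 0 on success, -1 otherwise. */
int copy_dns_name(char *dst, size_t dstsize, const char *src)
{
    size_t n;
    if (dst == NULL || dstsize == 0) return -1;
    dst[0] = '\0';
    if (src == NULL) return -1;
    for (n = 0; src[n] != '\0'; n++)
        if (n + 1 >= dstsize || n >= HOSTNAME_MAX ||
            !host_char((unsigned char)src[n]))
            return -1;
    if (n == 0) return -1;
    memcpy(dst, src, n + 1); /* n + 1 <= dstsize is guaranteed here */
    return 0;
}

/* Forward confirmation: the PTR name is only believed if its own forward
   lookup (fwd) lists the connecting peer's IPv4 address. */
int forward_confirms(const struct hostent *fwd, const struct in_addr *peer)
{
    char **p;
    if (fwd == NULL || fwd->h_addrtype != AF_INET ||
        fwd->h_length != (int)sizeof *peer || fwd->h_addr_list == NULL)
        return 0;
    for (p = fwd->h_addr_list; *p != NULL; p++)
        if (memcmp(*p, peer, sizeof *peer) == 0) return 1;
    return 0;
}

int main(void)
{
    char name[64]; /* constructed input: a well-formed PTR name */
    return copy_dns_name(name, sizeof name, "mail.example.org") == 0 ? 0 : 1;
}
```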