I believe one should never use exim_user = root at all, but I don't
understand why that should lead to it being an open relay.
----- Forwarded message from nslu@??? -----
Envelope-to: mark@???
Delivery-date: Fri, 21 Dec 2001 21:30:05 +0000
Subject: Bug#126124: exim: promiscuous relay if running from inetd w/ exim_user=root in cf
Reply-To: nslu@???, 126124@???
Original-Sender: nick slussar <nslu@???>
X-Debian-PR-Message: report 126124
X-Debian-PR-Package: exim
X-Debian-PR-Keywords:
From: nslu@???
To: submit@???
Date: Fri, 21 Dec 2001 16:15:43 -0500
Delivered-To: submit@???
Package: exim
Version: 3.33-1
Severity: critical
First, I'd like to point out that this bug also affects the woody version
of exim. It should be totally reproducible.

Here is my scenario:

1) run exim from inetd, like this
     smtp stream tcp nowait mail /usr/sbin/exim exim -bs
   note the user - mail.
2) in exim.conf put
     exim_user = root
   which is required in some cases, like when exim uses pam_unix auth with
   shadow passwords.
3) result: host becomes a fully open relay to anybody, ignoring any
   relay-control stuff in exim.conf.

That's it.
-- System Information
Debian Release: 3.0
Kernel Version: Linux damn 2.4.14-xfs #3 Tue Dec 11 09:41:39 EST 2001 i686 unknown
Versions of the packages exim depends on:
ii cron 3.0pl1-72 management of regular background processing
ii libc6 2.2.4-7 GNU C Library: Shared libraries and Timezone
ii libdb2 2.7.7.0-3 The Berkeley database routines (run-time fil
ii libident 0.22-2 simple RFC1413 client library - runtime
ii libldap2 2.0.14-1.1 OpenLDAP libraries.
ii libpam0g 0.72-34 Pluggable Authentication Modules library
ii libpcre3 3.4-1.1 Philip Hazel's Perl Compatible Regular Expre
ii netbase 4.07 Basic TCP/IP networking system
----- End forwarded message -----
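
The combination of settings named in the report can be checked for mechanically. This is an added example, not part of the original message or of Exim: the function names and the sample file contents are constructed, and it only detects the reported configuration without explaining the relay behaviour.

```python
import os
import re

ROOT_NAMES = ("root", "0")

def inetd_exim_users(inetd_text):
    """Run-as users of inetd.conf entries that start exim with -bs."""
    users = []
    for line in inetd_text.splitlines():
        fields = line.split("#", 1)[0].split()
        # Layout: service socktype proto wait user[.group] program args...
        if len(fields) < 7:
            continue
        # Look at program and args so a wrapper in front of exim still matches.
        runs_exim = any(os.path.basename(f) == "exim" for f in fields[5:])
        if runs_exim and "-bs" in fields[6:]:
            users.append(re.split(r"[.:]", fields[4])[0])
    return users

def exim_user_setting(conf_text):
    """Value of the first uncommented exim_user line, or None."""
    for line in conf_text.splitlines():
        m = re.match(r"\s*exim_user\s*=\s*(\S+)", line)
        if m:
            return m.group(1)
    return None

def audit(inetd_text, conf_text):
    """inetd users matching the report: non-root inetd user, exim_user = root."""
    if exim_user_setting(conf_text) not in ROOT_NAMES:
        return []
    return [u for u in inetd_exim_users(inetd_text) if u not in ROOT_NAMES]

# Constructed sample input mirroring steps 1 and 2 of the report.
SAMPLE_INETD = """\
# constructed sample inetd.conf
#smtp stream tcp nowait root /usr/sbin/exim exim -bs
smtp stream tcp nowait mail /usr/sbin/exim exim -bs
"""
SAMPLE_CONF = """\
# constructed sample exim.conf
exim_user = root
"""

if __name__ == "__main__":
    for user in audit(SAMPLE_INETD, SAMPLE_CONF):
        print(f"inetd starts 'exim -bs' as {user!r} while exim_user = root")
```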