[Exim] exim as relay for latest sendmail bug?

トップ ページ
このメッセージを削除
このメッセージに返信
著者: Marc Haber
日付:  
To: exim-users
題目: [Exim] exim as relay for latest sendmail bug?
Hi,

the latest sendmail bug can be exploited by sending a message to a
vulnerable system. Using exim as an application level gateway doesn't
help here, since exim will happily relay the message containing the
exploit to a vulnerable internal system.

Has anybody out here done an analysis of the sendmail bug? Is it
possible to configure exim to not relay an exploiting message, but
instead rejecting it? I would be very interested in solutions for both
exim 3 and exim 4.

Greetings
Marc

--
-------------------------------------- !! No courtesy copies, please !! -----
Marc Haber          |   " Questions are the         | Mailadresse im Header
Karlsruhe, Germany  |     Beginning of Wisdom "     | Fon: *49 721 966 32 15
Nordisch by Nature  | Lt. Worf, TNG "Rightful Heir" | Fax: *49 721 966 31 29