Re: [Exim] exim as relay for latest sendmail bug?

Página superior
Este mensaje es parte del siguiente hilo:
M-\El árbol completo de hilos, ordenados por fecha
M.MSuresh Ramasubramanian, mensaje del <-
M\Andreas Gietl, mensaje del ->
Eliminar este mensaje
Responder a este mensaje
Autor: Nico Erfurth
Fecha:  
A: Marc Haber
Cc: exim-users
Asunto: Re: [Exim] exim as relay for latest sendmail bug?
Marc Haber wrote:
> Hi,
>
> the latest sendmail bug can be exploited by sending a message to a
> vulnerable system. Using exim as an application level gateway doesn't
> help here, since exim will happily relay the message containing the
> exploit to a vulnerable internal system.
>
> Has anybody out here done an analysis of the sendmail bug? Is it
> possible to configure exim to not relay an exploiting message, but
> instead rejecting it? I would be very interested in solutions for both
> exim 3 and exim 4.

I don't think you can do it with exim directly, unless it is a special
header, so you can check $h_XXX for a special length.

BUT, it should be easy to do with a local_scan function.

I don't know how the new sendmail-bug works, I just read about overlong
headers etc....

Nico



Este mensaje se envió a las siguientes listas de correo:
Exim-users
Información de la lista de correo | Mensajes cercanos		<-Re: [Exim] Re: SPA with Outlook 2K[Exim] [PATCH] new option: smtp_accept_max_nonmail_hosts->
Tahini and Hummus and Cumin Development Archives administrado por cumin AdminsLurker (versión 2.3)