Auteur: Nico Erfurth Datum: Aan: Andreas Gietl CC: Marc Haber, exim-users, tom Onderwerp: Re: [Exim] exim as relay for latest sendmail bug?
Andreas Gietl wrote:
>>>the latest sendmail bug can be exploited by sending a message to a
>>>vulnerable system. Using exim as an application level gateway doesn't
>>>help here, since exim will happily relay the message containing the
>>>exploit to a vulnerable internal system.
>>>
>>>Has anybody out here done an analysis of the sendmail bug? Is it
>>>possible to configure exim to not relay an exploiting message, but
>>>instead rejecting it? I would be very interested in solutions for both
>>>exim 3 and exim 4.
>>
>>I don't think you can do it with exim directly, unless it is a special
>>header, so you can check $h_XXX for a special length.
>
>
> The Bug affects the parsing of the From, To, CC and Bcc-Header which sendmail
> does semantic tests on.
I didn't check exim's code, but did anyone try to use
verify = header_syntax in his/her data_acl?