Bug 3882 – Unlike 5.2, RH6.0 sendmail seems to relay by default

Bug 3882 - Unlike 5.2, RH6.0 sendmail seems to relay by default

Summary:	Unlike 5.2, RH6.0 sendmail seems to relay by default

Status:	CLOSED WORKSFORME

Aliases:	None

Product:	Red Hat Linux
Classification:	Retired
Component:	sendmail (Show other bugs)
Sub Component:
Version:	6.0
Hardware:	All Linux

Priority	medium Severity medium
Target Milestone:	---
Target Release:	---
Assigned To:	Cristian Gafton
QA Contact:
Docs Contact:

URL:
Whiteboard:
Keywords:	Security

Depends On:
Blocks:
	Show dependency tree / graph

Reported:	1999-07-03 05:18 EDT by Kern Sibbald
Modified:	2008-05-01 11:37 EDT (History)
CC List:	0 users

See Also:
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Story Points:	---
Clone Of:
Environment:
Last Closed:	1999-08-16 14:59:00 EDT
Type:	---
Regression:	---
Mount Type:	---
Documentation:	---
CRM:
Verified Versions:
Category:	---
oVirt Team:	---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Groups: None (edit)

Description Kern Sibbald 1999-07-03 05:18:28 EDT

The sendmail that came with RedHat 5.2 by default did not
allow relaying.  It had to be explicitly enabled, which is
very good. Apparently the scheme for permitting relaying
has changed in the new V8 sendmail shipped with RH6.0.
However, the sendmail.cf file that you distribute with the
new sendmail seems to be a kludged up version of the V7
sendmail.cf file probably to make it work with Linuxconf.
It no longer defaults to prohibiting relaying. I cannot see
any way to stop relaying as all the code from the
V7 version that accomplished this is missing and yet the
new database (apparently in /etc/mail/access.db) does not
seem to be enabled.

The mixing of V7 sendmail.cf code with V8 sendmail is
very confusing. For example, the /etc/mail/access file from
RedHat 6.0 has the following
comments:
# Check the /usr/doc/sendmail-8.9.3/README.cf file for a
description # of the format of this file. (search for
access_db in that file)
# The /usr/doc/sendmail-8.9.3/README.cf is part of the
sendmail-doc
# package.

yet the sendmail.cf file you ship with RedHat 6.0 has the
following:
#####           SENDMAIL CONFIGURATION FILE
#####
##### built by root@porky.redhat.com on Thu Oct 30 01:33:15
EST 1997
##### in /usr/src/bs/BUILD/sendmail-8.8.7/cf/cf
##### using ../ as configuration include directory
#####


What version are we working with 8.9.3 or 8.8.7 ????
The top of the sendmail.cf that comes with RedHat 6.0 file
says:
# This file is built out of files in
/var/tmp/linuxconf-root/usr/lib/linuxconf/mailconf
# If you want to do manual modifications to one file
# do not modify files in
/var/tmp/linuxconf-root/usr/lib/linuxconf/mailconf, instead
# copy the file in /etc/mail/mailconf/
# and do the modification there.
# Linuxconf will use your file from now on.
# It will even find out that the sendmail.cf
# must be rebuilt.

OK, no problem, I'll edit anything anywhere. However there
is no:
/var/tmp/linuxconf-root/usr/lib/linuxconf/mailconf on my
system, nor is there /etc/mail/mailconf on my system.

The fact that it seems to RELAY by default (the contrary
of bug #3178 ????) is a possible security violation.

I've solved (kludged) the problem here by making the
necessary changes to the RH5.2 sendmail.cf file to work on
6.0.

Thanks,

Kern Sibbald

Comment 1 Cristian Gafton 1999-08-16 14:59:59 EDT

The sendmail in 6.0 allows relaying only from localhost by default.
(At leats in the default config files. Have you regenerated your
config files with the new m4 macros?)

Note You need to log in before you can comment on or make changes to this bug.