Bug 4648 - linuxconf and "special domain routing" creates an open SMTP relay
Summary: linuxconf and "special domain routing" creates an open SMTP relay
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: linuxconf
Version: 6.0
Hardware: i386
OS: Linux
Target Milestone: ---
Assignee: Michael K. Johnson
QA Contact:
: 4719 (view as bug list)
Depends On:
TreeView+ depends on / blocked
Reported: 1999-08-22 07:20 UTC by tom
Modified: 2008-05-01 15:37 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 1999-12-15 20:57:16 UTC

Attachments (Terms of Use)

Description tom 1999-08-22 07:20:00 UTC
If you use the "special domain routing" feature in Linuxconf
it replaces the version 8.9.3 sendmail.cf with a version
8.8.7 sendmail.cf (bug id #2480). This is bad as the
anti-relay rules in 8.8.7 are weaker. This also means that
exposed RH6 machines with special domain routing now fail
anti-relay tests (eg ORBS, MAPS etc) and can become black

Here's a sample of defeating the 8.8.7 relay rules:

220 ns2.xxx.com.au ESMTP Sendmail 8.9.3/8.8.7; Sun, 22 Aug
1999 15:38:58 +1000
mail from: <tom@oz.tm>
250 <tom@oz.tm>... Sender ok
rcpt to: <"tom@interact.net.au"@xxx.com.au>
250 <"tom@interact.net.au"@xxx.com.au>... Recipient ok
354 Enter mail, end with "." on a line by itself
250 PAA06431 Message accepted for delivery

Here's the stock RH6 8.9.3 cf running which defeats this

220 ns2.xxx.com.au ESMTP Sendmail 8.9.3/8.9.3; Sun, 22 Aug
1999 15:59:50 +1000
mail from: <tom@oz.tm>
250 <tom@oz.tm>... Sender ok
rcpt to: <"tom@interact.net.au"@xxx.com.au>
550 <"tom@interact.net.au"@xxx.com.au>... Relaying denied

Comment 1 tom 1999-08-22 07:33:59 UTC
This is actually a bug in the linuxconf component, not the sendmail
one. This also happens even with the updated linuxconf RPM:

Comment 2 Michael K. Johnson 1999-09-19 22:42:59 UTC
Added Jacques to CC list

Comment 3 Michael K. Johnson 1999-09-19 23:05:59 UTC
*** Bug 4719 has been marked as a duplicate of this bug. ***

The following alert appeared on the Oz-ISP mailing list.

It appears that Linuxconf over-writes the Sendmail-8.9 conf
with Sendmail 8.8.x config.  It appears that Sendmail-8.8
still has
some serious bugs in prevent spam as indicated in the
following mail
message extract.

Is anyone looking at this problem ?

For those people still using sendmail 8.8.x in hostile
note that your anti-relaying is very likely to be
compromised. ORBS
RRS are listing 8.8.x as open relays (as they are relaying)
of this.

Here's an example of poor.victim.com.au relaying spam to

220 poor.victim.com.au ESMTP Sendmail 8.8.5/8.8.5; Wed, 25
Aug 1999
09:55:39 +1000 (EST)
mail from: &#60;lkjfe@netscape.net>
250 &#60;lkjfe@netscape.net>... Sender ok
rcpt to: &#60;"tom@oz.tm"@victim.com.au>
250 &#60;"tom@oz.tm"@victim.com.au>... Recipient ok
[... insert porn spam here ..]


Given the popularity of RedHat 6 and Linuxconf with ISPs
who are a
little short on Unix, inparticular Sendmail skills.  This
could be a
major problem.


Terry O'Connor

Comment 4 Michael K. Johnson 1999-12-02 17:33:59 UTC
linuxconf has defaulted to allowing relaying but that is being changed
now.  We will release linuxconf-1.16r10-1 or later after some testing
and that will have relaying turned off by default.

Comment 5 Michael K. Johnson 1999-12-15 20:57:59 UTC
1.16r10-2 released

Note You need to log in before you can comment on or make changes to this bug.