Bug 4648 - linuxconf and "special domain routing" creates an open SMTP relay
linuxconf and "special domain routing" creates an open SMTP relay
Status: CLOSED ERRATA
Product: Red Hat Linux
Classification: Retired
Component: linuxconf (Show other bugs)
6.0
i386 Linux
high Severity medium
: ---
: ---
Assigned To: Michael K. Johnson
: Security
: 4719 (view as bug list)
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 1999-08-22 03:20 EDT by tom
Modified: 2008-05-01 11:37 EDT (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 1999-12-15 15:57:16 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description tom 1999-08-22 03:20:00 EDT
If you use the "special domain routing" feature in Linuxconf
it replaces the version 8.9.3 sendmail.cf with a version
8.8.7 sendmail.cf (bug id #2480). This is bad as the
anti-relay rules in 8.8.7 are weaker. This also means that
exposed RH6 machines with special domain routing now fail
anti-relay tests (eg ORBS, MAPS etc) and can become black
listed.

Here's a sample of defeating the 8.8.7 relay rules:

220 ns2.xxx.com.au ESMTP Sendmail 8.9.3/8.8.7; Sun, 22 Aug
1999 15:38:58 +1000
mail from: <tom@oz.tm>
250 <tom@oz.tm>... Sender ok
rcpt to: <"tom@interact.net.au"@xxx.com.au>
250 <"tom@interact.net.au"@xxx.com.au>... Recipient ok
data
354 Enter mail, end with "." on a line by itself
testing
123
.
250 PAA06431 Message accepted for delivery
quit

Here's the stock RH6 8.9.3 cf running which defeats this
attempt:

220 ns2.xxx.com.au ESMTP Sendmail 8.9.3/8.9.3; Sun, 22 Aug
1999 15:59:50 +1000
mail from: <tom@oz.tm>
250 <tom@oz.tm>... Sender ok
rcpt to: <"tom@interact.net.au"@xxx.com.au>
550 <"tom@interact.net.au"@xxx.com.au>... Relaying denied
Comment 1 tom 1999-08-22 03:33:59 EDT
This is actually a bug in the linuxconf component, not the sendmail
one. This also happens even with the updated linuxconf RPM:
linuxconf-1.16r1.3-1
Comment 2 Michael K. Johnson 1999-09-19 18:42:59 EDT
Added Jacques to CC list
Comment 3 Michael K. Johnson 1999-09-19 19:05:59 EDT
*** Bug 4719 has been marked as a duplicate of this bug. ***

The following alert appeared on the Oz-ISP mailing list.

It appears that Linuxconf over-writes the Sendmail-8.9 conf
files
with Sendmail 8.8.x config.  It appears that Sendmail-8.8
still has
some serious bugs in prevent spam as indicated in the
following mail
message extract.

Is anyone looking at this problem ?
------------------------------------------------------------
---------------

For those people still using sendmail 8.8.x in hostile
environments,
note that your anti-relaying is very likely to be
compromised. ORBS
and
RRS are listing 8.8.x as open relays (as they are relaying)
because
of this.

Here's an example of poor.victim.com.au relaying spam to
tom@oz.tm:

220 poor.victim.com.au ESMTP Sendmail 8.8.5/8.8.5; Wed, 25
Aug 1999
09:55:39 +1000 (EST)
mail from: &#60;lkjfe@netscape.net>
250 &#60;lkjfe@netscape.net>... Sender ok
rcpt to: &#60;"tom@oz.tm"@victim.com.au>
250 &#60;"tom@oz.tm"@victim.com.au>... Recipient ok
data
[... insert porn spam here ..]

------------------------------------------------------------
---------------

Given the popularity of RedHat 6 and Linuxconf with ISPs
who are a
little short on Unix, inparticular Sendmail skills.  This
could be a
major problem.

Regards


Terry O'Connor
Comment 4 Michael K. Johnson 1999-12-02 12:33:59 EST
linuxconf has defaulted to allowing relaying but that is being changed
now.  We will release linuxconf-1.16r10-1 or later after some testing
and that will have relaying turned off by default.
Comment 5 Michael K. Johnson 1999-12-15 15:57:59 EST
1.16r10-2 released

Note You need to log in before you can comment on or make changes to this bug.