Date: Mon, 1 Feb 1999 12:33:10 -0500 From: "Jung, Michael" <mjung@npc.net> To: "'Igor Roshchin'" <igor@physics.uiuc.edu>, "'security@FreeBSD.ORG'" <security@FreeBSD.ORG> Subject: RE: Sendmail- headers Message-ID: <c=US%a=_%p=Financial_Allian%l=EXCHANGE-990201173310Z-116325@exchange.finall.com>
next in thread | raw e-mail | index | archive | help
Does this ever happen elsewhere in the message? If si and you have a Cisco PIX firewall this is a known problem using the "mailhost" statement. If so look at cisco's site for a resolution. We had this exact problem a while back --mikej Michael Jung mjung@npc.net >-----Original Message----- >From: Igor Roshchin [SMTP:igor@physics.uiuc.edu] >Sent: Friday, January 29, 1999 5:30 PM >To: security@FreeBSD.ORG >Subject: Sendmail- headers > > >Hello! > >Sorry, if I am asking about some which has been stated clearly. >I just looked in the archives and haven't found the clear answer. > >This week I've received two messages which indicate an attempt >of the header overflow (I think) in the sendmail. >Remembering some discussion recently on one of the lists, >I am not sure if this overflow can result in any break in >or just might cause identity forgering (so, to prevent identification >of the sender and/or his host) ? > >I am running Sendmail 8.8.5/8.7.3 on a 2.1.7.1 -> 2.1-STABLE >Yes, I know it's outdated and the upgrade is pending, >but I am concerned if there was a break in this way, and whether I should >worry about detection of any traces of it. > >The headers are: > > >Return-Path: aho@aho.ne >Received: from >xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx >xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx >xxx >xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx >xxx >xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx >xxx >xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx >xxx >xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx >xxx >xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx >xxx >xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx >xxx >xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx >xxx >xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx >xxx >xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx >xxx >xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx >xxx >xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx >Date: Fri, 29 Jan 1999 08:50:44 -0500 (EST) >From: aho@aho.ne >Message-Id: <199901291350.IAA10527@MYHOST.CHANGED.BY.ME.FOR.SECURITY.REASONS> >To: kei37@geocities.co.jp >Subject: test >X-Mailer: Microsoft Outlook Express 4.72.2106 > > > >Thanks, > >Igor > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-security" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?c=US%a=_%p=Financial_Allian%l=EXCHANGE-990201173310Z-116325>