Date: Sat, 14 Mar 1998 20:14:45 +0900 (JST) From: Hiroharu Tamaru <tamaru@ap.t.u-tokyo.ac.jp> To: FreeBSD-gnats-submit@FreeBSD.ORG Subject: conf/6002: /etc/mail/sendmail.cf.addtions seems to leak. Message-ID: <199803141114.UAA12831@gin.myn.t.u-tokyo.ac.jp>
next in thread | raw e-mail | index | archive | help
>Number: 6002
>Category: conf
>Synopsis: /etc/mail/sendmail.cf.addtions seems to leak.
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Sat Mar 14 03:20:02 PST 1998
>Last-Modified:
>Originator: Hiroharu Tamaru
>Organization:
Dept. Appl. Phys, University of Tokyo.
>Release: FreeBSD 2.2.6-BETA i386
>Environment:
System: FreeBSD gin.myn.t.u-tokyo.ac.jp 2.2.6-BETA FreeBSD 2.2.6-BETA #0: Sat Mar 14 01:27:36 JST 1998 tamaru@gin.myn.t.u-tokyo.ac.jp:/workspace/usr.src/sys/compile/GIN i386
CVSupped on Mar 12.
>Description:
/etc/mail/sendmail.cf.addtions may not be correct.
`Connecting Host must resolve' function and
`ip address must NOT be in Paul Vixie's RBL' function
in rule `check_mail' and
`mail must come from or go to this machine or machines we allow to relay'
in rule `check_recpt' doesn't seem to work.
I say 'seem' because I haven't checked it in real practice whether it
really does forward junk mails.
I just checked it with the -bt option of sendmail.
>How-To-Repeat:
Say, for the first one:
After replacing one rule in rule `check_mail'(line 76) like the following,
so that some client name is passed while testing with sendmail -bt
-R$* $: $1 $: $(dequote "" $&{client_name} $)
+$* $: $1 $: $(dequote "" "host.junk.com" $)
% sendmail -bt
> check_mail user@freebsd.org
rewrite: ruleset 196 input: user @ freebsd . org
rewrite: ruleset 3 input: user @ freebsd . org
rewrite: ruleset 96 input: user < @ freebsd . org >
rewrite: ruleset 96 returns: user < @ freebsd . org . >
rewrite: ruleset 3 returns: user < @ freebsd . org . >
rewrite: ruleset 3 input: foo @ OK $: host . junk . com
rewrite: ruleset 96 input: foo < @ OK $: host . junk . com >
rewrite: ruleset 96 returns: foo < @ host . junk . com >
rewrite: ruleset 3 returns: foo < @ host . junk . com >
rewrite: ruleset 199 input: foo < @ host . junk . com > $:
rewrite: ruleset 199 returns: foo < @ host . junk . com > $:
rewrite: ruleset 196 returns: OK
Since host.junk.com is not a valid host, this should not pass through.
>Fix:
I don't know much about sendmail.cf but the following seems
to make things better.
--- sendmail.cf.additions- Sat Mar 14 00:29:26 1998
+++ sendmail.cf.additions Sat Mar 14 19:25:01 1998
@@ -68,19 +68,21 @@
# mail must NOT come from a known source of spam--BEGIN
R$+ @$+ $: <$1@$2> $2
R<$*> $+.$+.$+ <$1> $3.$4
-R<$*> $* $: $(spamsites $2 $: OK $)
+R<$*> $* $: $(spamsites $2 $: <$1> $2 $)
R$+.REJECT $#error $: 521 $1
R<$*> $* $: $1
# mail must NOT come from a known source of spam--END
# Connecting Host must resolve--BEGIN
-R$* $: $1 $: $(dequote "" $&{client_name} $)
-R$* $: $>3 foo@$1
+R$* $: <$1> $(dequote "" $&{client_name} $)
+R<$*> $* $: <$1> $>3 foo@$2
+R<$*> $* < @ $+ . > $: $1
R<$*> $*<@$*> $#error $: "451 Domain does not resolve"
# Connecting Host must resolve--END
# ip address must NOT be in Paul Vixie's RBL--BEGIN
-R$* $: $1 $: $(dequote "" $&{client_addr} $)
-R$* $: $>check_rbl $1
+R$* $: <$1> $(dequote "" $&{client_addr} $)
+R<$*> $* $: <$1> $>check_rbl $2
R$*.com. $#error $: "550 Mail refused, see http://maps.vix.com/rbl"
+R<$*> $* $1
# ip address must NOT be in Paul Vixie's RBL--END
R$* $@ OK
@@ -100,7 +102,7 @@
R<$*> $* $: $1
# mail must NOT be addressed "fakenames"--END
# mail must come from or go to this machine or machines we allow to relay--BEGIN
-# R$* $: $>Parse0 $>3 $1
+# R$* $: $>3 $1
# R$+ < @ $* . > $* $: $1 < @ $2 >
# R$+ < @ $=w> $@ OK
# R$+ < @ $* $=R> $@ OK
>Audit-Trail:
>Unformatted:
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199803141114.UAA12831>