Matt Dunn wrote:
>
> Actually, the default install of 8.9.3 does NOT in and of itself fix this
> problem. I'm looking into the rulesets that will specifically handle this.
The vulnerable rules seem to be the ones from Claus Aussman and many derived
from them, including a set of rules I wrote by myself.
I fixed them by replacing the part which checks for a local recipient with the
more complex set from RedHat 6.0 that appears to take care of dequoting the
recipient address.
I hope this could be of help for users of home-made rules.
# remove local part, maybe repeatedly
R$*<@$=w.>$* $>3 $1 $3
# If you want to use RelayTo uncomment the following line
R$*<@$*$={RelayTo}.>$* $>3 $1 $4
R$*<@$+>$* $#error $@ 5.7.1 $: "571 Relay denied"
--------------------Replace with:
# remove local part, maybe repeatedly
R$+ $:$>removelocal $1
# still something left?
R$*<@$+>$* $#error $@ 5.7.1 $: "571 Relay denied"
Sremovelocal
# remove RelayTo part (maybe repeatedly)
R$*<@$*$={RelayTo}.>$* $>3 $1 $4
R$*<@$=w.>$* $: $>removelocal $>3 $1 $3
R$*<@$*>$* $@ $1<@$2>$3
# dequote local part
R$- $: $>3 $(dequote $1 $)
R$*<@$*>$* $: $>removelocal $1<@$2>$3
Bye!
--
Daniele
-------------------------------------------------------------------------------
Daniele Orlandi - Utility Line Italia
Via Mezzera 29/A - 20030 - Seveso (MI) - Italy
-------------------------------------------------------------------------------
