The sendmail.cf that comes with RedHat 5.x (sendmail 8.8.7) doesn't work
against the open relay problem, although it does contain most of the rules
needed to do so.
The way I got around it was to cut out the Scheck_rcpt and Sremove_local
stuff in sendmail.cf and replace them with similar rulesets I found at
http://www.sendmail.org/~ca/email/check.html#check_rcpt . The Scheck_rcpt
and Sremovelocal sections listed here will stop all of the (currently) known
relaying methods.
I originally tried editing the existing sendmail.cf sections, but that
didn't work (I must've screwed somthing up, 'cause it started relaying
*everything*), so I eventually cut out both existing sections and pasted in
the sections on said Web page.
Once I did the cut-n-paste thing, I got my machine out of the ORBS
(http://www.orbs.com) database. If it doesn't stop all unauthorized
relaying, it at least blocks enough that ORBS can't relay through it.
James
James P. Callison
Network Administrator
The University of Oklahoma Law Center
[EMAIL PROTECTED]
Dumb things don't happen by accident. It takes a highly
skilled village of idiots. -- AutoWeek, 29 Dec 1997
-----Original Message-----
From: Matt Dunn [mailto:[EMAIL PROTECTED]]
Sent: Thursday, July 22, 1999 2:43 PM
To: [EMAIL PROTECTED]
Subject: Re: Mail relay vulnerability in RedHat 5.0, 5.1, 5.2
>Users of sendmail 8.9.x of course have no problem, neither do those who
have
>updated their mail relay prevention rulesets recently, but I think there
are
>enough RedHat 5.0, 5.1 and 5.2 users who are unaware of the problem to make
it
>worth sending this out.
Actually, the default install of 8.9.3 does NOT in and of itself fix this
problem. I'm looking into the rulesets that will specifically handle this.
-Matt
