On Mon, Oct 05, 2015 at 02:15:55PM +1300, Holger Jahn wrote:
> Hi there,
>
> After playing with MDA delivery in smtpd.conf on two servers, I found that
> there seems to be an internal command line buffer overflow after 256 bytes.
>
> Consider the following MDA config setting:
>
> deliver to mda
On Mon, Oct 05, 2015 at 12:38:50AM +0200, Jason A. Donenfeld wrote:
> Hi folks,
>
> I'm passing the gauntlet for anyone who wants to analyze this for
> impact etc. There's a remotely triggerable buffer overflow in
> OpenBSD's OpenSMTPD -- the latest version, 5.7.2 -- reachable by
> sending
> On 05 Oct 2015, at 00:38, Jason A. Donenfeld wrote:
>
> At some point we might want a CVE for this.
>
Please, next time you publish such a security issue -- give developers a chance
to provide patches, *before* going public. Think of the production servers which
run
On Mon, Oct 05, 2015 at 10:38:34AM +0200, Joerg Jung wrote:
>
> > On 05 Oct 2015, at 00:38, Jason A. Donenfeld wrote:
> >
> > At some point we might want a CVE for this.
> >
>
> Please, next time you publish such a security issue -- give developers a
> chance
> to provide
Hi folks,
Some distributions are using /run instead of /var/run. In the Gentoo
package, somebody changed it recently to do this:
sed -i -e '/pidfile_path/s:_PATH_VARRUN:"/run/":' openbsd-compat/pidfile.c
This isn't very pretty. Is there a switch to --configure for making
this happen? And if
On Mon, Oct 05, 2015 at 11:07:16AM +0200, Jason A. Donenfeld wrote:
> Hi folks,
>
> Some distributions are using /run instead of /var/run. In the Gentoo
> package, somebody changed it recently to do this:
>
> sed -i -e '/pidfile_path/s:_PATH_VARRUN:"/run/":' openbsd-compat/pidfile.c
>
> This
On Mon, Oct 5, 2015 at 11:12 AM, Gilles Chehade wrote:
> yes, please fill a feature request on the tracker
Done:
https://github.com/OpenSMTPD/OpenSMTPD/issues/637
>
> it won't be part of the release i'll do this morning.
No problem; there's no rush for this.
--
You received
On Mon, Oct 05, 2015 at 02:15:55PM +1300, Holger Jahn wrote:
> Hi there,
>
> After playing with MDA delivery in smtpd.conf on two servers, I found that
> there seems to be an internal command line buffer overflow after 256 bytes.
>
> Consider the following MDA config setting:
>
> deliver to mda
On 10/05/2015 08:38 PM, Gilles Chehade wrote:
This looks like a truncation in the forward expansion code, it should have
caused the mail to be rejected, I'll have a look today.
Can you tell me which version you are using ?
5.7.1p1 on Arch Linux.
--
You received this mail because you are
OpenSMTPD 5.7.3 has just been released.
OpenSMTPD is a FREE implementation of the SMTP protocol with some common
extensions. It allows ordinary machines to exchange e-mails with systems
speaking the SMTP protocol. It implements a fairly large part of RFC5321
and can already cover a large range of
Hi guys,
I need a relay server for specific virtual addresses. This sounds good to me
accept from any for any virtual relay
table file should look like
peter@myfirstdomain peter@emailprovider
jhon@mysecondomain jhon@anotheremailprovider
...
and so...
However, it doesn't work.
11 matches
Mail list logo