I'm a little confused here... I tested my server and I'm not susceptible to this type of "exploit" ... However, I want to understand the fix and apply it anyways, just to be sure.
My question is, what do I put in there for [hostname] ... I have several domains this server hosts, so what should I be using? Thanks! On Thu, 2003-09-18 at 01:43, John Melville wrote: > Well I found it. > > Yes there is a method being employed by spammers to get mail relayed via > our servers using SMTP-AUTH. > > If the last line of your /var/qmail/supervise/qmail-smtpd/run file looks > like this ... > /var/qmail/bin/qmail-smtpd /home/vpopmail/bin/vchkpw /bin/true 2>&1 > > AND you've updated to the new 0.5 patch, you are now an open relay! > > The fix ... > > /var/qmail/bin/qmail-smtpd [hostname] /home/vpopmail/bin/vchkpw > /bin/true 2>&1 > > Put your hostname where noted above and you are fixed. > > More info here .. > http://marc.theaimsgroup.com/?l=qmail&m=105452174430616&w=2 > > Interestingly the old version of Bill's toaster isn't affected by this > bug and the SMTP-AUTH is secure without the hostname in the run file. > > Bill, you may wish to fix this in the next toaster update as it's not > easy to see this hole until it is abused by someone. I discovered it > this morning when I got up to my main server being blacklisted on > bl.spamcop.net. I'll send this email once I'm off that blocklist since > you happen to be using it to stop my mail getting to the list anyway :) > > John > > -- --------------------------- Jason 'XenoPhage' Frisvold Engine / Technology Programmer [EMAIL PROTECTED] RedHat Certified - RHCE # 807302349405893 MySQL Core Certified - ID# 205982910 --------------------------- "Something mysterious is formed, born in the silent void. Waiting alone and unmoving, it is at once still and yet in constant motion. It is the source of all programs. I do not know its name, so I will call it the Tao of Programming."
signature.asc
Description: This is a digitally signed message part
