sendmail 8.9 open relay ?
Hi folks, just received a message from the "famous" :-) ORBS database claiming that our server is open for mail-relaying. Hmm, as far as I remeber, this was correct for the earlier versions and I was told (from SuSE I think, but not sure about this) that sendmail would be safe starting with SuSE6.0. Well, I did install SuSE6.0 and thought this would be ok now. I did some checks by myself and found out that the server is indeed still open for relays. Did I forget some configuration details ? Or what else can I do to close mail-relaying ? Thanks in advance. --- Stephan
There aer still a number of things in the default sendmail 8.9.x config that are insecure. These are fixed in the 8.10.0.Beta* public betas. The relay methods are suitably obscure, but still exploitable. I ran my 8.10.0.Beta* through ORBS and came up clean, so whatever the default is "now" it works. :) I would recommend upgrading to the newer sendmail betas, from ftp://ftp.sendmail.org/ D At 12:28 AM 1/28/00 +0100, Security Webmaster OKDesign oHG wrote:
On Fri, 28 Jan 2000, Security Webmaster OKDesign oHG wrote:
just received a message from the "famous" :-) ORBS database claiming that our server is open for mail-relaying.
For those who don't know, you can find the ORBS database at: http://www.orbs.org/ You can run a relaying test against a mail server at: http://www.abuse.net/relay.html I don't know whether this is an exhaustive test, but I seemed to pass.
I have a later version of SuSE than you installed; you can get the benefits of the later versions by grabbing the *source* rpm from a later distro and issuing the following command: rpm --rebuild sendmail<version>.src.rpm -- _Deirdre * http://www.linuxcabal.net * http://www.deirdre.net "Mars has been a tough target" -- Peter G. Neumann, Risks Digest Moderator "That's because the Martians keep shooting things down." -- Harlan Rosenthal <Harlan.Rosenthal@Dialogic.com>, retorting in Risks Digest 20.60
Security Webmaster OKDesign oHG wrote:
SuSE6.0 came with sendmail 8.8. No? If so it defaults to open relay. 8.9 fixed that. Nick -- -------------------------------------------------- Nick Zentena "Microsoft has unjustifiably jeopardized the stability and security of the operating system." U.S. District Judge Thomas Penfield Jackson Nov 5/1999 --------------------------------------------------
Hi, On Thu, 27 Jan 2000, Nick Zentena wrote:
Correct:
rpm -qp /CD-ARCHIVE/6.0/suse-i386-1/CD1/suse/n1/sendmail.rpm sendmail-8.8.8-45
We switched to sendmail 8.9 with SuSE Linux 6.1 Bye, LenZ -- ------------------------------------------------------------------ Lenz Grimmer SuSE GmbH mailto:grimmer@suse.de Schanzaeckerstr. 10 http://www.suse.de/~grimmer 90443 Nuernberg, Germany
There aer still a number of things in the default sendmail 8.9.x config that are insecure. These are fixed in the 8.10.0.Beta* public betas. The relay methods are suitably obscure, but still exploitable. I ran my 8.10.0.Beta* through ORBS and came up clean, so whatever the default is "now" it works. :) I would recommend upgrading to the newer sendmail betas, from ftp://ftp.sendmail.org/ D At 12:28 AM 1/28/00 +0100, Security Webmaster OKDesign oHG wrote:
On Fri, 28 Jan 2000, Security Webmaster OKDesign oHG wrote:
just received a message from the "famous" :-) ORBS database claiming that our server is open for mail-relaying.
For those who don't know, you can find the ORBS database at: http://www.orbs.org/ You can run a relaying test against a mail server at: http://www.abuse.net/relay.html I don't know whether this is an exhaustive test, but I seemed to pass.
I have a later version of SuSE than you installed; you can get the benefits of the later versions by grabbing the *source* rpm from a later distro and issuing the following command: rpm --rebuild sendmail<version>.src.rpm -- _Deirdre * http://www.linuxcabal.net * http://www.deirdre.net "Mars has been a tough target" -- Peter G. Neumann, Risks Digest Moderator "That's because the Martians keep shooting things down." -- Harlan Rosenthal <Harlan.Rosenthal@Dialogic.com>, retorting in Risks Digest 20.60
Security Webmaster OKDesign oHG wrote:
SuSE6.0 came with sendmail 8.8. No? If so it defaults to open relay. 8.9 fixed that. Nick -- -------------------------------------------------- Nick Zentena "Microsoft has unjustifiably jeopardized the stability and security of the operating system." U.S. District Judge Thomas Penfield Jackson Nov 5/1999 --------------------------------------------------
Hi, On Thu, 27 Jan 2000, Nick Zentena wrote:
Correct:
rpm -qp /CD-ARCHIVE/6.0/suse-i386-1/CD1/suse/n1/sendmail.rpm sendmail-8.8.8-45
We switched to sendmail 8.9 with SuSE Linux 6.1 Bye, LenZ -- ------------------------------------------------------------------ Lenz Grimmer SuSE GmbH mailto:grimmer@suse.de Schanzaeckerstr. 10 http://www.suse.de/~grimmer 90443 Nuernberg, Germany
participants (5)
-
Deirdre Saoirse -
Derek J. Balling -
Lenz Grimmer -
Nick Zentena -
Security Webmaster OKDesign oHG