AW: [suse-security] SuSE Security Announcement: sendmail (SuSE-SA:2003:013)
Hi Martin,

> SuSE Security Announcement
> Package: sendmail, sendmail-tls
> Announcement-ID: SuSE-SA:2003:013
>
> Does the bugfix "repair" affected messages, so that servers behind a patched sendmail are protected? Or are the "bad" headers passed on to the next MTA unmodified?

Yes, the bad headers are passed on. Quote from the announcement:

> The vulnerability is triggered by an email message sent through the sendmail MTA subsystem. In that respect, it is different from commonly known bugs that occur in the context of an open TCP connection. By consequence, the vulnerability also exists if email messages get forwarded over a relay that itself does not run a vulnerable MTA. This specific detail and the wide distribution of sendmail in the internet causes this vulnerability to be considered an error of major severity.

Bye
Uli

--
Ulrich Roth
IMPACT Business & Technology Consulting GmbH
Im Mediapark 8 / KölnTurm
D-50670 Koeln
Phone +49-221-93 70 80-29
Fax +49-221-93 70 80-15
E-Mail: roth@impact.de