sendmail 8.14 has a serious memory corruption bug in it

Constantine A. Murenin mureninc at gmail.com
Tue Feb 19 13:18:22 PST 2008


On 19/02/2008, Claus Assmann <dragonfly-kernel at esmtp.org> wrote:
> On Tue, Feb 19, 2008, Bill Hacker wrote:
> > PacBell - or any other dominant carrier/ISP, IP-block-holder - very well
> > *will* enter a PTR RR in their DNS (the one that matters)
>
> No, they don't. I asked twice. (I could explain to you why they
> don't give me reverse DNS, but it seems you know better than I what
> to do, so I won't bother).

I'm quite curious what the reason is -- do you mind sharing it?

On a side note, if I were you, I'd probably complain to the ISP for
not specifying in their rDNS that your IP-address is static.

For example, with Embarq, DHCP customers in North Carolina with
dynamic addresses have records like
'nc-71-2-155-201.dhcp.embarqhsd.net.', whereas all Static IPs are
within the 'sta.embarqhsd.net.' domain. This makes it trivial to only
block a certain group with simple rules in /etc/mail/access, no deep
configuration proficiencies being required.

It would be nice if it was possible to configure sendmail to not block
any STARTTLS secure mail regardless of the ip or rDNS of the sender,
as you web-page suggests; but to my knowledge, such configuration of
sendmail is quite non-trivial, so most people don't use it. If you
could provide some examples on the web-page where you make this
suggestion, or, better yet, include such examples in the default
configuration file, it would, IMHO, be the best approach to this
problem.

Thanks,
Constantine.





More information about the Kernel mailing list