sendmail 8.14 has a serious memory corruption bug in it

Bill Hacker wbh at conducive.org
Tue Feb 19 09:10:10 PST 2008


Claus Assmann wrote:
On Mon, Feb 18, 2008, Matthew Dillon wrote:

    I have reported the bug to the sendmail folks.
And I tried to reply:

A mail from you could not be delivered. See below for details.

Recipient:
<dillon at apollo.backplane.com>
Remote-MTA: 216.240.41.2
Reason:
550 5.0.0 You cannot send email directly from a DSL or CABLEMODEM or other mass-media host, you must
instead relay it through your ISP's mail host.  Sorry, there is too much spam coming from customers
of your ISP and your ISP is not doing a good job of stopping it.  If you are a legitimate mail
domain you must have a correctly configured reverse DNS.
The sendmail.org website states from which IP address a reply will
most likely come (yes, it's static, no, PacBell won't delegate
reverse DNS).
Off topic, but I haven't used an MTA yet (sendmail, postfix, qmail, 
courier-mta, exim) .. that checks *websites* for MX or PTR RR's.

Nor any hint in any RFC as to why or how they could or should do.

PacBell - or any other dominant carrier/ISP, IP-block-holder - very well 
*will* enter a PTR RR in their DNS (the one that matters)

- IF you are on the appropriate service contract

- AND apply in the manner they require.

It is an embarassingly bad example that deval team members of the 
'senior service' MTA would not heed the RFC on that issue.

A bit of effort, and I'm sure it can be repaired quickly.

Bill Hacker





More information about the Kernel mailing list