sendmail 8.14 has a serious memory corruption bug in it

Bill Hacker wbh at conducive.org
Tue Feb 19 11:28:14 PST 2008


Claus Assmann wrote:
On Tue, Feb 19, 2008, Bill Hacker wrote:

Off topic, but I haven't used an MTA yet (sendmail, postfix, qmail, 
courier-mta, exim) .. that checks *websites* for MX or PTR RR's.
What does that have to do with the MTA that rejected the reply?
If someone rejects mails based on some local rules, then he might
not receive a reply...
That's not (just) a 'local rule'.

It is a requirement covered in several overlapping/cross-referencing 
RFC's lo these many years. Start with 1035 and 822 and come forward.

PacBell - or any other dominant carrier/ISP, IP-block-holder - very well 
*will* enter a PTR RR in their DNS (the one that matters)
No, they don't. I asked twice. (I could explain to you why they
don't give me reverse DNS, but it seems you know better than I what
to do, so I won't bother).
A finite, but 'Very Large Number' of PacBell customers DO have PTR RR.

If they have denied *you* a PTR RR, there are type/class of service or 
other contractual reasons. Legal, not technical. You get no more than 
what was paid for.

It is an embarassingly bad example that deval team members of the 
'senior service' MTA would not heed the RFC on that issue.
Which RFC? Please tell me the number, and quote the text that my
setup violates.
Find your own text.

'man sendmail'

Look under 'SEE ALSO'.  The RFC's cited (or their replacements) are online.

and/or ..

Google - and eyeball, human, Mark One, type one, class one, standard A - 
connected to an open mind.

Top five or ten hits on 'PTR RR for MTA' should cover it well.

No skin off *my* ass - my MTA are considerably less forgiving than Matt's.

Bill












More information about the Kernel mailing list