Security problem reported with Postfix

John Clancy john.clancy at businessworld.ie
Thu Feb 10 08:34:29 GMT 2005


    [ The following text is in the "iso-8859-1" character set. ]
    [ Your display is set for the "US-ASCII" character set.  ]
    [ Some characters may be displayed incorrectly. ]

Hi Folks,

I'm sure most people on the list who might use Postfix are already aware of
this but I thought I should probably post it anyway

21. Postfix IPv6 Unauthorized Mail Relay Vulnerability
BugTraq ID: 12445
Remote: Yes
Date Published: Feb 04 2005
Relevant URL: http://www.securityfocus.com/bid/12445
Summary:
Postfix is prone to a vulnerability that allows the application to be abused
as a mail relay.

Arbitrary mail may be sent to any MX host with an IPv6 address.  This could
be exploited by spammers or other malicious parties.

Postfix 2.1.3 is reported prone to this issue.  It is possible that other
versions are affected as well.


JC

------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the MAQ (http://www.mailscanner.biz/maq/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).

Support MailScanner development - buy the book off the website!




More information about the MailScanner mailing list