mailscanner breaks etrn
Dan Hollis
spamtrap71892316634 at ANIME.NET
Thu Jan 12 00:17:52 GMT 2006
On Thu, 12 Jan 2006, Raymond Dijkxhoorn wrote:
>> If I run sendmail by itself (/etc/rc.d/init.d/sendmail), etrn works:
>> I have spent hours trying to figure out why mailscanner disables etrn, but
>> failed. Anyone know what's up with this?
> This is by design... your ETRN on a incomming sendmail, that one doesnt have
> scanning, so how would you combine this? You will break things if you do.
> Most likely you have to add a extra box to start using ETRN.
> If MailScanner is running on a high volume mail server and if SMTP ETRN
> commands are allowed, a remote attacker could create malicious emails that
> would be held in the incoming mail queue (mqueue.in) for a long period of
> time, which would bypass the MailScanner virus protection. An attacker could
> exploit this vulnerability to launch further attacks against the affected
> server.
you can restrict what IP addresses are allowed ETRN via a local ruleset.
sendmail book 3rd edition, chapter 19. see check_etrn policy rule set.
so this is no problem whatsoever.
-Dan
------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the Wiki (http://wiki.mailscanner.info/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
Support MailScanner development - buy the book off the website!
More information about the MailScanner
mailing list