mailscanner breaks etrn

Dan Hollis spamtrap71892316634 at ANIME.NET
Thu Jan 12 00:17:52 GMT 2006


On Thu, 12 Jan 2006, Raymond Dijkxhoorn wrote:
>> If I run sendmail by itself (/etc/rc.d/init.d/sendmail), etrn works:
>> I have spent hours trying to figure out why mailscanner disables etrn, but 
>> failed. Anyone know what's up with this?
> This is by design... your ETRN on a incomming sendmail, that one doesnt have 
> scanning, so how would you combine this? You will break things if you do. 
> Most likely you have to add a extra box to start using ETRN.
> If MailScanner is running on a high volume mail server and if SMTP ETRN 
> commands are allowed, a remote attacker could create malicious emails that 
> would be held in the incoming mail queue (mqueue.in) for a long period of 
> time, which would bypass the MailScanner virus protection. An attacker could 
> exploit this vulnerability to launch further attacks against the affected 
> server.

you can restrict what IP addresses are allowed ETRN via a local ruleset.
sendmail book 3rd edition, chapter 19. see check_etrn policy rule set.

so this is no problem whatsoever.

-Dan

------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the Wiki (http://wiki.mailscanner.info/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).

Support MailScanner development - buy the book off the website!



More information about the MailScanner mailing list