New Sendmail security feature

Ken A ka at
Thu Jun 15 16:04:08 IST 2006

Kai Schaetzl wrote:
> Ken A wrote on Wed, 14 Jun 2006 11:31:45 -0700:
>> "by limiting the maximum message size accepted by your server (via the 
>> sendmail MaxMessageSize option), you can eliminate the attack completely." 
>> Does anyone using sendmail NOT limit max message size you'll accept?
> well, they are "vague" about the size. Even the original advisory at
> just says "very large". What is "very large"?

'ulimit -a | grep stack' will tell you what "very large" is, I think.

I'm just waiting for yum repositories to get the new version and it's a 
minor patch, so it should be no problem upgrading very soon.

For now, I just put 'ulimit -s xxxxx' at the top of my 
/etc/init.d/MailScanner file, so the processes start with a stack size 
limit that is > MaxMessageSize.

Ken A

> Kai

More information about the MailScanner mailing list