mailscanner trouble
Matt Kettler
mkettler at evi-inc.com
Tue Jul 24 17:58:49 IST 2007
Martin.Hepworth wrote:
> Simon
>
> You're running really really old mailscanner and really really really old spamassassin!
>
> I'd suggest you update both to modern versions first..
I'd agree.. however, he's also running a really really really old version of
RedHat ( Redhat 8, circa 2002), which is no longer supported and thus no longer
has security fixes posted.
He's also running a really old sendmail which is likely full of exploits.
I know sendmail-8.12.5-7 is vulnerable to at least this remote DoS attack.
http://www.securityfocus.com/bid/8485
This version of RedHat also runs perl 5.0005, which would inhibit upgrading to
anything too terribly modern. SpamAssassin ditched 5.0005 support with SA 3.0.0.
2.6x would be the newest build that would support such an old version of perl.
While it's a lot of work, really Simon should be completely upgrading his entire
OS. Centos might make a good option as it would be relatively familiar to a
RedHat user and has fairly long-lived release cycles.
Upgrading a couple tools won't help you when nearly every package on your entire
system is 5 years old and doesn't have any security updates published.
More information about the MailScanner
mailing list