From owner-freebsd-security  Sun Nov 17 20:58:14 1996
Return-Path: owner-security
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.5/8.7.3) id UAA09976
          for security-outgoing; Sun, 17 Nov 1996 20:58:14 -0800 (PST)
Received: from salsa.gv.ssi1.com (salsa.gv.ssi1.com [146.252.44.194])
          by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id UAA09961
          for <freebsd-security@freebsd.org>; Sun, 17 Nov 1996 20:57:59 -0800 (PST)
Received: (from gdonl@localhost) by salsa.gv.ssi1.com (8.7.5/8.7.3) id UAA14688; Sun, 17 Nov 1996 20:57:45 -0800 (PST)
From: Don Lewis <Don.Lewis@tsc.tdk.com>
Message-Id: <199611180457.UAA14688@salsa.gv.ssi1.com>
Date: Sun, 17 Nov 1996 20:57:45 -0800
In-Reply-To: Adam Shostack <adam@homeport.org>
       "Re: BoS: Exploit for sendmail smtpd bug (ver. 8.7-8.8.2)." (Nov 17, 10:35pm)
X-Mailer: Mail User's Shell (7.2.6 alpha(3) 7/19/95)
To: Adam Shostack <adam@homeport.org>,
        msmith@atrad.adelaide.edu.au (Michael Smith)
Subject: Re: BoS: Exploit for sendmail smtpd bug (ver. 8.7-8.8.2).
Cc: freebsd-security@freebsd.org
Sender: owner-security@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

On Nov 17, 10:35pm, Adam Shostack wrote:
} Subject: Re: BoS: Exploit for sendmail smtpd bug (ver. 8.7-8.8.2).
} smap/smapd (from the TIS firewall toolkit) can handle mail delivery
} services & binding to port 25.  They're designed for security.

But they don't do ESMTP, smapd relies on sendmail to forward the
mail onto it's next hop, and I think smap/smapd also fell prey to
the syslog() hole (though the damage they could potentially do is
quite limited).

			---  Truck