From owner-freebsd-hackers  Mon Nov 18 09:30:51 1996
Return-Path: owner-hackers
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.5/8.7.3) id JAA29371
          for hackers-outgoing; Mon, 18 Nov 1996 09:30:51 -0800 (PST)
Received: from scruz.net (nic.scruz.net [165.227.1.2])
          by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id JAA29366
          for <freebsd-hackers@freebsd.org>; Mon, 18 Nov 1996 09:30:43 -0800 (PST)
Received: from osprey.grizzly.com by scruz.net (8.7.3/1.34)
	id JAA09109; Mon, 18 Nov 1996 09:29:47 -0800 (PST)
Received: (from markd@localhost) by osprey.grizzly.com (8.7.6/8.7.3) id JAA01379; Mon, 18 Nov 1996 09:30:23 -0800 (PST)
Date: Mon, 18 Nov 1996 09:30:23 -0800 (PST)
Message-Id: <199611181730.JAA01379@osprey.grizzly.com>
From: Mark Diekhans <markd@Grizzly.COM>
To: marcs@znep.com, rls@mail.id.net, roberto@keltia.freenix.fr,
        freebsd-hackers@freebsd.org
In-reply-to: <Pine.BSF.3.95.961118082418.4525C-100000@alive.ampr.ab.ca>
	(message from Marc Slemko on Mon, 18 Nov 1996 08:34:12 -0700 (MST))
Subject: Re: BoS: Exploit for sendmail smtpd bug (ver. 8.7-8.8.2).
Sender: owner-hackers@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

>[moved to -hackers from security.  It started with a discussion of
>sendmail with uucp; I stated that sendmail still tries to use DNS no
>matter how you configure it and you have to recompile it to make it stop.]
>
>On Mon, 18 Nov 1996, Robert Shady wrote:
>
>> > Incorrect.  It RUNS without DNS but still TRIES to use it.  If you really
>> > don't have IP connectivity, then difference doesn't matter because it
>> > still works when the lookup fails, however it still does try and the
>> > difference does matter if you have partial IP connectivity.  I have a
>> > system setup with nocanonify and all the other config file tweaks I know
>> > of, and it still tries to use DNS as a tcpdump shows quite clearly.  This
>> > system is running 8.7.5, so things may have been changed in more recent
>> > versions but I can't say for sure; if this has changed in more recent
>> > versions, please let me know.
>> > 
>> > I _think_ the define that needs to be set to 0 is NAMED_BIND, but don't
>> > recall for sure.  This has been gone over before on the lists.

I disabled the use of DNS by sendmail by adding the file /etc/service.switch
containing the line:

hosts	files