Skip site navigation (1)Skip section navigation (2)
Date:      Sat, 14 Mar 1998 20:14:45 +0900 (JST)
From:      Hiroharu Tamaru <tamaru@ap.t.u-tokyo.ac.jp>
To:        FreeBSD-gnats-submit@FreeBSD.ORG
Subject:   conf/6002: /etc/mail/sendmail.cf.addtions seems to leak.
Message-ID:  <199803141114.UAA12831@gin.myn.t.u-tokyo.ac.jp>

next in thread | raw e-mail | index | archive | help

>Number:         6002
>Category:       conf
>Synopsis:       /etc/mail/sendmail.cf.addtions seems to leak.
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          open
>Quarter:
>Keywords:
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Sat Mar 14 03:20:02 PST 1998
>Last-Modified:
>Originator:     Hiroharu Tamaru
>Organization:
Dept. Appl. Phys, University of Tokyo.
>Release:        FreeBSD 2.2.6-BETA i386
>Environment:
	System: FreeBSD gin.myn.t.u-tokyo.ac.jp 2.2.6-BETA FreeBSD 2.2.6-BETA #0: Sat Mar 14 01:27:36 JST 1998 tamaru@gin.myn.t.u-tokyo.ac.jp:/workspace/usr.src/sys/compile/GIN i386
	CVSupped on Mar 12.

>Description:

 /etc/mail/sendmail.cf.addtions may not be correct.

 `Connecting Host must resolve' function and 
 `ip address must NOT be in Paul Vixie's RBL' function
 in rule `check_mail' and
 `mail must come from or go to this machine or machines we allow to relay'
 in rule `check_recpt' doesn't seem to work.

 I say 'seem' because I haven't checked it in real practice whether it 
 really does forward junk mails.
 I just checked it with the -bt option of sendmail.
 
>How-To-Repeat:

 Say, for the first one:

 After replacing one rule in rule `check_mail'(line 76) like the following,
 so that some client name is passed while testing with sendmail -bt
 -R$*			$: $1 $: $(dequote "" $&{client_name} $)
 +$*			$: $1 $: $(dequote "" "host.junk.com" $)

 % sendmail -bt
 > check_mail user@freebsd.org
 rewrite: ruleset 196   input: user @ freebsd . org
 rewrite: ruleset   3   input: user @ freebsd . org
 rewrite: ruleset  96   input: user < @ freebsd . org >
 rewrite: ruleset  96 returns: user < @ freebsd . org . >
 rewrite: ruleset   3 returns: user < @ freebsd . org . >
 rewrite: ruleset   3   input: foo @ OK $: host . junk . com
 rewrite: ruleset  96   input: foo < @ OK $: host . junk . com >
 rewrite: ruleset  96 returns: foo < @ host . junk . com >
 rewrite: ruleset   3 returns: foo < @ host . junk . com >
 rewrite: ruleset 199   input: foo < @ host . junk . com > $:
 rewrite: ruleset 199 returns: foo < @ host . junk . com > $:
 rewrite: ruleset 196 returns: OK

 Since host.junk.com is not a valid host, this should not pass through.
 
>Fix:
	
 I don't know much about sendmail.cf but the following seems
 to make things better.

--- sendmail.cf.additions-      Sat Mar 14 00:29:26 1998
+++ sendmail.cf.additions       Sat Mar 14 19:25:01 1998
@@ -68,19 +68,21 @@
 # mail must NOT come from a known source of spam--BEGIN
 R$+ @$+                        $: <$1@$2> $2
 R<$*> $+.$+.$+         <$1> $3.$4
-R<$*> $*               $: $(spamsites $2 $: OK $)
+R<$*> $*               $: $(spamsites $2 $: <$1> $2 $)
 R$+.REJECT             $#error $: 521 $1 
 R<$*> $*               $: $1
 # mail must NOT come from a known source of spam--END
 # Connecting Host must resolve--BEGIN
-R$*                    $: $1 $: $(dequote "" $&{client_name} $)
-R$*                    $: $>3 foo@$1
+R$*                    $: <$1> $(dequote "" $&{client_name} $)
+R<$*> $*               $: <$1> $>3 foo@$2
+R<$*> $* < @ $+ . >    $: $1
 R<$*> $*<@$*>          $#error $: "451 Domain does not resolve"
 # Connecting Host must resolve--END
 # ip address must NOT be in Paul Vixie's RBL--BEGIN
-R$*                    $: $1 $: $(dequote "" $&{client_addr} $)
-R$*                    $: $>check_rbl $1
+R$*                    $: <$1> $(dequote "" $&{client_addr} $)
+R<$*> $*               $: <$1> $>check_rbl $2
 R$*.com.               $#error $: "550 Mail refused, see http://maps.vix.com/rbl"
+R<$*> $*               $1
 # ip address must NOT be in Paul Vixie's RBL--END
 R$*                    $@ OK
 
@@ -100,7 +102,7 @@
 R<$*> $*               $: $1
 # mail must NOT be addressed "fakenames"--END
 # mail must come from or go to this machine or machines we allow to relay--BEGIN
-# R$*                  $: $>Parse0 $>3 $1
+# R$*                  $: $>3 $1
 # R$+ < @ $* . > $*    $: $1 < @ $2 >
 # R$+ < @ $=w>         $@ OK
 # R$+ < @ $* $=R>      $@ OK
>Audit-Trail:
>Unformatted:

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199803141114.UAA12831>