From owner-freebsd-isp Fri Dec 6 9:16:39 2002 Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4C37237B401 for ; Fri, 6 Dec 2002 09:16:37 -0800 (PST) Received: from ns1.via-net-works.net.ar (ns1.via-net-works.net.ar [200.10.100.10]) by mx1.FreeBSD.org (Postfix) with ESMTP id 231C343E4A for ; Fri, 6 Dec 2002 09:16:34 -0800 (PST) (envelope-from sistemas@fadapharma.com) Received: from pchnunez (pc-hnunez.vianetworks.com.ar [200.10.101.5] (may be forged)) by ns1.via-net-works.net.ar (8.12.6/8.12.6) with SMTP id gB6HGBDV048097 for ; Fri, 6 Dec 2002 14:16:12 -0300 (ART) (envelope-from sistemas@fadapharma.com) From: Orden Nro 16442 Message-ID: <007501c29d4b$3da6ba00$92660ac8@ms.vianetworks.net.ar> Reply-To: To: References: <011b01c29bb8$e84096f0$92660ac8_ms.vianetworks.net.ar@ns.sol.net> <3DEFEBE9.4030203@obluda.cz> Subject: Re: Sendmail + Milter + Amavis-Milter Date: Fri, 6 Dec 2002 14:16:39 -0300 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1106 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Mmm i see it.,., I'm wanna use an antivirus for the incoming and outgoing mail. I'm using sendmail 8.12.6 .,., Any other idea than Amavis-Milter ----- Original Message ----- From: "Dan Lukes" To: Sent: Thursday, December 05, 2002 9:14 PM Subject: Re: Sendmail + Milter + Amavis-Milter > hnunez@vianetworks.com.ar wrote, On 12/04/02 18:16: > > > Hi, > > > > I would like to setup Sendmail + Milter-ng + Amavis with milter > > interface. > > ... > > > cc -DAMAVISD_SOCKET=\"/var/run/amavis/milter.amavis\" > > -DRUNTIME_DIR=\"/var > > /spool/amavis\" -DPID_FILE=\"/var/run/amavis/amavis-milter.pid\" -o > > amavis-milter amavis-milter.c -L/usr/lib/libmilter/ -lmilter -lpthread > > Please note, the amavis-milter.c is poor quality code with several > potential bugs and race conditions including but not limited to two > buffer overflows (the remote exploitability is unknown) and unchecked > string allocations (strdup) with potential NULL dereferencing. > > I sent the list of those bugs with suggested patch to author of the > code, but got no response. Maybe, I know no correct place to sent the PR > to ... > > > I'm not sure if use of amavis-milter.c is real security risk (in doubth > we should answer "yes", of course), but I'm pretty sure it is > untrustable quick-hack-only quality code ... > > Dan > > -- > Dan Lukes tel: +420 2 21914205, fax: +420 2 21914206 > root of FIONet, KolejNET, webmaster of www.freebsd.cz > AKA: dan@obluda.cz, dan@freebsd.cz,dan@kolej.mff.cuni.cz > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message