From owner-freebsd-bugs  Sun Jan 13 18: 0: 9 2002
Delivered-To: freebsd-bugs@hub.freebsd.org
Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21])
	by hub.freebsd.org (Postfix) with ESMTP id 9A8A437B41A
	for <freebsd-bugs@hub.freebsd.org>; Sun, 13 Jan 2002 18:00:03 -0800 (PST)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.11.6/8.11.6) id g0E203C37046;
	Sun, 13 Jan 2002 18:00:03 -0800 (PST)
	(envelope-from gnats)
Received: from wwweasel.geeksrus.net (wwweasel.geeksrus.net [64.67.200.82])
	by hub.freebsd.org (Postfix) with ESMTP id 27A5237B404
	for <FreeBSD-gnats-submit@freebsd.org>; Sun, 13 Jan 2002 17:59:24 -0800 (PST)
Received: (from alane@localhost)
	by wwweasel.geeksrus.net (8.11.6/8.11.6) id g0E1wXC85902;
	Sun, 13 Jan 2002 20:58:33 -0500 (EST)
	(envelope-from alane)
Message-Id: <200201140158.g0E1wXC85902@wwweasel.geeksrus.net>
Date: Sun, 13 Jan 2002 20:58:33 -0500 (EST)
From: Alan Eldridge <ports@geeksrus.net>
Reply-To: Alan Eldridge <ports@geeksrus.net>
To: FreeBSD-gnats-submit@freebsd.org
X-Send-Pr-Version: 3.113
Subject: conf/33855: freebsd.mc enables relay_based_on_MX: open-relay vulnerability
Sender: owner-freebsd-bugs@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-bugs.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-bugs>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-bugs>
X-Loop: FreeBSD.org


>Number:         33855
>Category:       conf
>Synopsis:       freebsd.mc enables relay_based_on_MX: open-relay vulnerability
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Sun Jan 13 18:00:03 PST 2002
>Closed-Date:
>Last-Modified:
>Originator:     Alan Eldridge
>Release:        FreeBSD 4.4-STABLE i386
>Organization:
Geeksrus.NET
>Environment:
System: FreeBSD wwweasel.geeksrus.net 4.4-STABLE FreeBSD 4.4-STABLE #0: Sun Dec 2 19:14:12 EST 2001 root@wwweasel.geeksrus.net:/usr/obj/usr/src/sys/WWWEASEL i386

>Description:

The default mailer configuration enables "relay_based_on_MX". This feature
is dangerous, as it can allow outsiders to use the system as an incoming mail
relay without the owner's permission. 

<paranoia>
A spammer could use this feature to cause a host to appear in the
chain of "Received from:" headers of a spam run, thus landing the
host on various blacklists and seriously impeding the ability to send
mail from the system. Since spammers like to involve uninterested
third parties in their mailings as a misdirection technique, this is
not that far-fetched, unfortunately.
</paranoia>

>How-To-Repeat:

>Fix:

--- patch-etc-sendmail-freebsd.mc begins here ---
--- /usr/cvsup/src/etc/sendmail/freebsd.mc	Sat Jul 14 14:07:27 2001
+++ ./freebsd.mc	Sun Jan 13 20:50:07 2002
@@ -52,7 +52,10 @@
 FEATURE(blacklist_recipients)
 FEATURE(local_lmtp)
 FEATURE(mailertable, `hash -o /etc/mail/mailertable')
-FEATURE(relay_based_on_MX)
+dnl Uncomment to allow relaying to anyone who lists this host
+dnl in a DNS MX record. This allows someone to use this host as
+dnl as incoming mailhost without permission.
+dnl FEATURE(relay_based_on_MX)
 FEATURE(virtusertable, `hash -o /etc/mail/virtusertable')
 
 dnl Uncomment to activate Realtime Blackhole List
--- patch-etc-sendmail-freebsd.mc ends here ---


>Release-Note:
>Audit-Trail:
>Unformatted:

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message