From: Dean Strik (deanstack.nl)
Date: Mon Feb 07 2005 - 06:36:30 CST

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Erwin Lansing wrote:
> On Sun, Feb 06, 2005 at 05:55:42PM -0500, Wietse Venema wrote:
> > In a recent announcement on the Full-Disclosure mailing list, Martin
> > Pitt <martin.pittcanonical.com> wrote:
> >
> > > Jean-Samuel Reynaud noticed a programming error in the IPv6 handling
> > > code of Postfix when /proc/net/if_inet6 is not available (which is the
> > > case in Ubuntu since Postfix runs in a chroot). If "permit_mx_backup"
> > > was enabled in the "smtpd_recipient_restrictions", Postfix turned into
> > > an open relay, i. e. erroneously permitted the delivery of arbitrary
> > > mail to any MX host which has an IPv6 address.
> >
> > This is a bug in a third-party IPv6 patch that is not part of
> > Postfix. The bug affects Linux systems only.
> >
> Actually, I experienced the same issue about 2 years ago on FreeBSD.
> It is only a problem when an ip-address is specified and not when
> specifying a full cidr. Apart from this issue being there since this
> patch was available, it can only be a problem when appying unofficial
> patches and not reading their docs.

That is a completely different issue than the issue mentioned here.

--
Dean C. Strik Eindhoven University of Technology
deanstack.nl | deanipnet6.org | http://www.ipnet6.org/
"This isn't right. This isn't even wrong." -- Wolfgang Pauli

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]