Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
[VulnDiscuss] Re: sendmail 8.12.8 available
From: Bennett Todd (betrahul.net)
Date: Fri Mar 07 2003 - 13:49:27 CST
On Mon, 3 Mar 2003, Florian Weimer wrote:
> Would people be willing to share filter rules for other MTAs to
> block offending messages on relays?
Wietse Venema offered the following responses for Postfix. First out
of the gate was , this regexp-based quick-response; capable of
false-positives, but not as scary as might be feared since it only
looks in the headers (place this in a regexp map, assign that to
/<><><><><><>/ reject possible CA-2003-07 sendmail buffer overflow exploit
Then he came out with , a new release of postfix with
functionality like that of patched sendmail, sanitizing messages
as they pass through and logging when it does so. This enhancement
he then broke out as a light patch  to apply against most
versions of postfix that might be in use, for people who'd like the
protection without having to upgrade to a newer version.
To be clear here: Postfix is not itself susceptible to this problem.
The only purpose for this patch is to allow Postfix to mung messages
to protect vulnerable sendmails downstream from it.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
-----END PGP SIGNATURE-----