Possible spam hole in mail servers - Linuxers

30 Aug 2001

      Please try this on your mail server.  I have already tried it on many
servers, including postfix and sendmail.  All are vulnerable.
telnet mailhost 25
helo hostname
mail from: <>
rcpt to: user@mailhost
data
...
the important things are -
1. the mail from address is blank: <>
2. the rcpt to addresses are within the mail servers domains so relay is
not a problem
This allows spammers to send mail using a null return address.  In the
mail, the address gets translated to MAILER-daemon.
To fix it in sendmail, go down to ruleset 3, search for a line that
starts with R<>
It should look like this:
R<>                    $@ < @ >                        MAIL FROM:<> case
change it to  this:
R<>                     $#error $@ 5.1.3 $: "User address required"
That should block anonymous senders.
Any idea why this is allowed (there is a special rule to allow it) at
all?
Philip
-- 
Repel them.  Repel them.  Induce them to relinquish the spheroid.
- Indiana University fans' chant for their perennially bad football team

Visit my webpage at http://www.ncst.ernet.in/~philip/
Read my writings at http://www.ncst.ernet.in/~philip/writings/

  MSN  philiptellis                         Yahoo!  philiptellis