Front Page

ISP How-To

Network Designs

Rates

Projects

About Us

Contact Us

Linux & ISP News

Kernels 2.6.32.8 · 2.4.37.9

What The Internet Knows About You. Web sites can read your history.

You deleted your cookies? Think again (10/08/09 Wired)

More companies monitoring e-mail (11/08/09 SecurityFocus)

Around the World

Global stats

Africa (11/2008)

Argentina 2

Brazil (02/2009)

Canada

Chile (01/2005)

Cuba (02/2007)

France (03/2009)

Germany (11/2008)

Haiti (08/2009)

Hungary (04/2009)

Italy 2 3

Spain (12/2009)

Switzerland (04/2008)

UK 2

Venezuela (10/2008)

Old/Reference

Sendmail Security Vulnerability (22/03/2006)

DNS DoS Attack Remedy (ISP Ltd) (21/03/2006)

Analysing malicious SSH log-in attempts (SecurityFocus)

Hijacking the World (1999)

Other Tech News

Microsoft sues TiVo (21/01/2010)

Solwise 200Mbps powerline adaptor (5/02 Register)

Sendmail MTA Security Advisory

22 March 2006

22/Mar/2006

One of the most reliable *nix server applications is Sendmail, handling millions of e-mails every day without a hint of trouble. Every now and then, somebody finds a way to exploit it, and this is one of those times.

This security flaw is reported by the major distributions as "high impact" with no known work-around, and now that it is being broadly advertised you can bet that many aspiring hackers will be trying to exploit this flaw, so be sure to upgrade your mail servers right away.

ISP Ltd. customers with a support contract will be upgraded starting today, at between midnight and 5am your local time.

Sendmail's official security advisory can be found at this URL:

http://www.sendmail.com/company/advisory/index.shtml

ISP Ltd. customers with networks built since 2004 should do this (during off-peak hours):

mailserver ~ # /etc/init.d/sendmail stop
mailserver ~ # eup sendmail
(wait until it is finished)
mailserver ~ # update-maps

To verify the running version of Sendmail, you can do this:

mailserver ~ # telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 rosalinda.ispl.ca ESMTP Sendmail 8.13.6/8.13.6; Thu, 23 Mar 2006 00:15:00 -0800

In this above dialogue, you will see that Sendmail 8.13.6 is running on this server. At this point, just press Ctrl+] and then type 'quit' to close the telnet session.

ISP Ltd. customers with networks built prior to 2004 should do the following:

mailserver ~ # cp -a /usr/lib/sendmail /tmp/ (to make a back-up copy)
mailserver ~ # cp -a /etc/mail /tmp/ (to make a back-up copy)
mailserver ~ # cd /usr/src/ispltd
mailserver ~ # wget ftp://ftp.sendmail.org/pub/sendmail/sendmail.8.13.6.tar.gz
mailserver ~ # tar -xzf sendmail.8.13.6.tar.gz
mailserver ~ # cd sendmail-8.13.6/sendmail
mailserver ~ # sh Build
· (if it says "ERROR: /usr/bin/m4 failed" please contact me for help)
mailserver ~ # cd ../cf/cf
mailserver ~ # cp /etc/mail/sendmail.mc .
· (if you don't have this file, please contact me)
mailserver ~ # sh Build sendmail.cf
mailserver ~ # /etc/init.d/sendmail stop
mailserver ~ # sh Build install-cf
mailserver ~ # cd ../..
mailserver ~ # sh Build install
mailserver ~ # update-maps

Others who have GNU/Linux systems not built by ISP Ltd. should follow the instructions provided on the Sendmail web site.

Be careful if you have add-on software that ties into Sendmail with special settings in the /etc/mail/sendmail.cf file. In this case, compare the new sendmail.cf to the one you backed-up so you can put those special settings back in place.