Operating System - Linux
1748151 Members
3292 Online
108758 Solutions
New Discussion

Re: RH 4 Quiz question on sendmail

 
SOLVED
Go to solution
Steven E. Protter
Exalted Contributor

Re: RH 4 Quiz question on sendmail

The formmail script submitted locally.

The exploit was possible because the form did not limit input size on the fields, permitting the abuser to submit thousands of characters into a field that is supposed to contain one email address.

Of course I got to make the change.

We have a winner in Stuart Browne.

I also had a stint of planned unemployment which ended September of 2005.

I'm miffed that there is little documentation on the /var/spool/client... directory.

Made the process of cleaning out the spam much harder.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
Stuart Browne
Honored Contributor

Re: RH 4 Quiz question on sendmail

*nod*. It's been around since RH8, so I've had plenty of time to be poked with it.

The introduction was actually with that version of sendmail, and is recommended by the sendmail guy's to have the split config (MTA/MSP). The reasons for it are discussed in '/usr/share/doc/sendmail/SECURITY', well some of them.
One long-haired git at your service...