HPE Community
Operating System - HP-UX
1848719 Members
6793 Online
104036 Solutions
New Discussion

Re: sendmail and .forward

 
marco_123
New Member

‎07-21-2004 02:50 AM

‎07-21-2004 02:50 AM

sendmail and .forward

Under /var/syslogd/mail i have 150 mb of

Jul 20 18:13:19 smsc1a sendmail[7606]: i6KG0HW02946: forward /home/smsc/.forward: World writable directory
Jul 20 18:13:19 smsc1a sendmail[7606]: i6KG0HW02946: to=smsc, ctladdr=smsc (20001/3), delay=00:13:02, xdelay=00:00:00, mailer=local, pri=570526
, dsn=4.0.0, stat=Deferred
Jul 20 18:13:19 smsc1a sendmail[7606]: i6KG0OR03332: forward /home/smsc/.forward: World writable directory
Jul 20 18:13:19 smsc1a sendmail[7606]: i6KG0OR03332: to=smsc, ctladdr=smsc (20001/3), delay=00:12:55, xdelay=00:00:00, mailer=local, pri=571034
, dsn=4.0.0, stat=Deferred
Jul 20 18:13:19 smsc1a sendmail[7606]: i6KFwGu01182: forward /home/smsc/.forward: World writable directory
Jul 20 18:13:19 smsc1a sendmail[7606]: i6KFwGu01182: to=smsc, ctladdr=smsc (20001/3), delay=00:15:03, xdelay=00:00:00, mailer=local, pri=660549
, dsn=4.0.0, stat=Deferred
Jul 20 18:13:19 smsc1a sendmail[7606]: i6KFjLR26064: forward /home/smsc/.forward: World writable directory
Jul 20 18:13:19 smsc1a sendmail[7606]: i6KFjLR26064: to=smsc, ctladdr=smsc (20001/3), delay=00:27:58, xdelay=00:00:00, mailer=local, pri=111103
4, dsn=4.0.0, stat=Deferred
Jul 20 18:13:19 smsc1a sendmail[7606]: i6KFeEp23326: forward /home/smsc/.forward: World writable directory
Jul 20 18:13:19 smsc1a sendmail[7606]: i6KFeEp23326: to=smsc, ctladdr=smsc (20001/3), delay=00:33:05, xdelay=00:00:00, mailer=local, pri=138052
6, dsn=4.0.0, stat=Deferred
.
.
.

30 Messages replicate in one second!!!i don't understand why
/home/smsc isn't a World writable directory

drwxr-xr-x 17 smsc sys 2048 Jul 12 14:45 smsc

Can someone help me?

Thanks a lot
Marco
0 Kudos
Reply
8 REPLIES 8
Jeff Schussele
Honored Contributor

‎07-21-2004 02:54 AM

‎07-21-2004 02:54 AM

Re: sendmail and .forward

Hi Marco,

You simply have to modify /home/smsc perms to remove other wirte perms - i.e. it's probably drwxr-xrw- or such & should be drwxr-xr-x
do the following
chmod 755 /home/smsc

HTH,
Jeff
PERSEVERANCE -- Remember, whatever does not kill you only makes you stronger!
0 Kudos
Reply
Geoff Wild
Honored Contributor

‎07-21-2004 02:55 AM

‎07-21-2004 02:55 AM

Re: sendmail and .forward

What about permission on .forward as well as /etc/mail?

Rgds...Geoff
Proverbs 3:5,6 Trust in the Lord with all your heart and lean not on your own understanding; in all your ways acknowledge him, and he will make all your paths straight.
0 Kudos
Reply
Jeff Schussele
Honored Contributor

‎07-21-2004 02:55 AM

‎07-21-2004 02:55 AM

Re: sendmail and .forward

Oh & I should mention that even though the file is not writable, the dir is so the file could be deleted & replaced. That's what it's warning you about.

Jeff
PERSEVERANCE -- Remember, whatever does not kill you only makes you stronger!
0 Kudos
Reply
Geoff Wild
Honored Contributor

‎07-21-2004 02:58 AM

‎07-21-2004 02:58 AM

Re: sendmail and .forward

Also, I believe it's backward recursive - so check permissions on /home as well.

Rgds...Geoff
Proverbs 3:5,6 Trust in the Lord with all your heart and lean not on your own understanding; in all your ways acknowledge him, and he will make all your paths straight.
0 Kudos
Reply
marco_123
New Member

‎07-21-2004 02:58 AM

‎07-21-2004 02:58 AM

Re: sendmail and .forward

Thanks Jeff but actually the permission is this one:

drwxr-xr-x 17 smsc sys 2048 Jul 12 14:45 smsc

Any ideas?

Marco
0 Kudos
Reply
marco_123
New Member

‎07-21-2004 03:01 AM

‎07-21-2004 03:01 AM

Re: sendmail and .forward

Geoff this is permission of /home

drwxrwxrwx 15 omni sys 1024 Mar 11 14:34 home


Thanks Marco
0 Kudos
Reply
Geoff Wild
Honored Contributor

‎07-21-2004 03:03 AM

‎07-21-2004 03:03 AM

Re: sendmail and .forward

Aha!

/home should be 755

Rgds...Geoff
Proverbs 3:5,6 Trust in the Lord with all your heart and lean not on your own understanding; in all your ways acknowledge him, and he will make all your paths straight.
0 Kudos
Reply
Steven E. Protter
Exalted Contributor

‎07-21-2004 03:08 AM

‎07-21-2004 03:08 AM

Re: sendmail and .forward

General Discussion:

Any file that has control of sendmail setup, even for one user can trigger this security complaint.

If the directory(bad but nor horrible) is world writable or the file is(very bad) a spammer can modify this file and then send all their nice garbage through the one user. If the spammer is really good, he/she/it can create an open relay.

A good way to scan your system totally for these kind of issues is to run bastille on it.

Here is a copy of the free utility:
http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B6849AA

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.