Subject: bin/4498: sendmail and wrappers -- fixes from Wietse
To: None <gnats-bugs@gnats.netbsd.org>
From: Wolfgang Rupprecht <wolfgang@wsrcc.com>
List: netbsd-bugs
Date: 11/15/1997 12:05:01
Note: There was a bad value `sw' for the field `>Class:'.
It was set to the default value of `sw-bug'.
>Number: 4498
>Category: bin
>Synopsis: sendmail never selects the UNKNOWN host setting from host.allow
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: bin-bug-people (Utility Bug People)
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Sat Nov 15 12:20:03 1997
>Last-Modified:
>Originator: Wolfgang Rupprecht
>Organization:
W S Rupprecht Computer Consulting, Fremont CA
>Release: current Sat Nov 15 12:00:55 PST 1997
>Environment:
System: NetBSD capsicum.wsrcc.com 1.3_ALPHA NetBSD 1.3_ALPHA (WSRCC) #0: Fri Nov 14 13:55:07 PST 1997 root@capsicum.wsrcc.com:/v/src/netbsd/current/sys/arch/i386/compile/WSRCC i386
>Description:
sendmail never selects the UNKNOWN host setting from host.allow
the string "[ ip.ad.re.ss ]" is taken as a known hostname.
>How-To-Repeat:
/usr/sbin/sendmail -bd -q30m
send mail from a DNS-unregisted host.
>Fix:
cd /v/src/netbsd/current/usr.sbin/sendmail/src/
diff -c /v/src/netbsd/current/usr.sbin/sendmail/src/conf.c.\~1\~ /v/src/netbsd/current/usr.sbin/sendmail/src/conf.c
*** /v/src/netbsd/current/usr.sbin/sendmail/src/conf.c.~1~ Mon Nov 10 07:39:57 1997
--- /v/src/netbsd/current/usr.sbin/sendmail/src/conf.c Sat Nov 15 11:57:22 1997
***************
*** 4118,4132 ****
}
#if TCPWRAPPERS
- if (!hosts_ctl("sendmail", hostname, anynet_ntoa(sap), STRING_UNKNOWN))
{
! if (tTd(48, 4))
printf(" ... validate_connection: BAD (tcpwrappers)\n");
! if (LogLevel >= 4)
sm_syslog(LOG_NOTICE, NOQID,
! "tcpwrappers (%s, %s) rejection",
! hostname, anynet_ntoa(sap));
! return FALSE;
}
#endif
if (tTd(48, 4))
--- 4118,4144 ----
}
#if TCPWRAPPERS
{
! /* the next few lines are from
! Wietse Venema <wietse@(nospam)wzv.win.tue.nl> */
!
! char *host;
!
! if (hostname[0] == '[' && hostname[strlen(hostname) - 1] == ']')
! host = STRING_UNKNOWN;
! else
! host = hostname;
!
! if (!hosts_ctl("sendmail", host, anynet_ntoa(sap), STRING_UNKNOWN))
! {
! if (tTd(48, 4))
printf(" ... validate_connection: BAD (tcpwrappers)\n");
! if (LogLevel >= 4)
sm_syslog(LOG_NOTICE, NOQID,
! "tcpwrappers (%s, %s) rejection",
! hostname, anynet_ntoa(sap));
! return FALSE;
! }
}
#endif
if (tTd(48, 4))
Diff finished at Sat Nov 15 12:02:33
=======
Msg included.
=======
From: Wietse Venema <wietse@(nospam)wzv.win.tue.nl>
Subject: Re: /etc/hosts.deny and sendmail
Newsgroups: comp.mail.sendmail
Date: 15 Nov 1997 14:15:52 -0500
Organization: Wietse's hangout while on sabattical in the USA
Path: dailyplanet.wsrcc.com!news1.best.com!news.maxwell.syr.edu!newsfeed.internetmci.com!168.100.1.3!news.cloud9.net!news.porcupine.org!news.porcupine.org!not-for-mail
Lines: 25
Message-ID: <64ksd8$7ms$1@spike.porcupine.org>
References: <62lneu$gdl$1@ulysses.noc.ntua.gr> <slrn64vm95.ihf.olsenc@misha.ee.washington.edu> <brad-2410971201310001@brad.his.com> <x7n2juls53.fsf@kci.kciLink.com> <brad-2910971723560001@brad.his.com>
NNTP-Posting-Host: spike.porcupine.org
Xref: dailyplanet.wsrcc.com comp.mail.sendmail:45406
>Audit-Trail:
>Unformatted:
>> Damn... I was wondering why my rule
>>
>> sendmail: ALL@KNOWN except ...
>>
>> did not block mail coming from servers with no known reverse IP
>> lookup. I guess this is why. It seems like a bad way to integrate
>> the tcp wrappers.
This week I found out that sendmail calls my wrapper incorrectly,
causing hosts to always match the KNOWN pattern. A workaround is
below. Similar code will appear in the next sendmail release.
Wietse
--- workaround, file conf.c ---
char *host;
...
if (hostname[0] == '[' && hostname[strlen(hostname) - 1] == ']')
host = STRING_UNKNOWN;
else
host = hostname;
if (!hosts_ctl("sendmail", host, anynet_ntoa(sap), STRING_UNKNOWN))
{
...
==== end ====