Newsgroups: comp.unix.bsd.freebsd.misc
Path: euryale.cc.adfa.oz.au!newshost.anu.edu.au!harbinger.cc.monash.edu.au!news.rmit.EDU.AU!news.unimelb.EDU.AU!munnari.OZ.AU!spool.mu.edu!sol.ctr.columbia.edu!news.msfc.nasa.gov!newsfeed.internetmci.com!ncar!uchinews!news
From: csdayton+usenet@midway.uchicago.edu (Soren Dayton)
Subject: Re: sendmail.cf bug?
In-Reply-To: hsnyder@sni-usa.com's message of Thu, 14 Mar 1996 20:10:56 GMT
X-Nntp-Posting-Host: woodlawn.uchicago.edu
Message-ID: <xcdlol3gtpb.fsf@woodlawn.uchicago.edu>
To: hsnyder@sni-usa.com (Hal Snyder)
Lines: 35
Sender: csdayton@woodlawn.uchicago.edu
Organization: uchi.comp.unix viper cabal
X-Newsreader: Gnus v5.1
References: <31487508.266262635@aquila.sni-usa.com>
Date: Thu, 14 Mar 1996 23:07:12 GMT

Our friend, hsnyder@sni-usa.com (Hal Snyder), wrote:

> Here is a possible bug with the sendmail ruleset shipped with FreeBSD
> 2.1 (sendmail 8.6.12.1):

at least get the patch to make it 8.6.13. There is a kinda important
security hole. You really ought to get 8.7.5.

I think that this is a problem with your DNS. Here is why:

> The rule that does this is in Ruleset 96 - "bottom half of Ruleset 3"
> R$* < @ $* $~P > $* $: $1 < @ $[ $2 $3 $] > $4
                                ^^^^^^^^^^^
marks a DNS lookup.

> As I read this rule, it should fail if the input ends with any member
> of class P. Instead, ~P matches "com" and $* matches "trans.sni-usa."
> causing the problem above.

so it is looking up trans.sni-usa.com and coming back with
trans.sni-usa.com.trans.sni-usa.com. which is not really what you are
looking for.

In any case, the class P is supposed to be used for toplevel
pseudo-domains (like BITNET). So your use of it is completely wrong :)
Its default value is just a dot `.' so it should not do much of
anything (meaning it would only match _nothing_). I suspect that if you
remove the definition of CPtrans.... from your cf file then things
would be ok. Of course I think that you are _still_ having a DNS
problem here.

Soren
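
Added example, not part of the original post and not sendmail's own code: a small Python model of how the left-hand side `$* < @ $* $~P > $*` binds tokens, showing that `$~P` tests exactly one token against class P. The tokenizer is simplified to the operators `. @ < >`, and the address `host.example.test` and the class contents are constructed for illustration.

```python
import re

LHS = "$* < @ $* $~P > $*".split()   # left-hand side of the rule quoted above

def tokenize(addr):
    # Simplified assumption: only . @ < > act as token-splitting operators.
    return re.findall(r"[.@<>]|[^.@<>\s]+", addr)

def match(pattern, tokens, classes):
    """Return the token lists bound to $1, $2, ... or None if no match."""
    def walk(pi, ti, binds):
        if pi == len(pattern):
            return binds if ti == len(tokens) else None
        p = pattern[pi]
        if p == "$*":                      # zero or more tokens, shortest first
            for end in range(ti, len(tokens) + 1):
                found = walk(pi + 1, end, binds + [tokens[ti:end]])
                if found is not None:
                    return found
            return None
        if ti >= len(tokens):
            return None
        tok = tokens[ti].lower()
        if p.startswith("$~"):             # exactly ONE token not in the class
            if tok in classes[p[2:]]:
                return None
            return walk(pi + 1, ti + 1, binds + [[tokens[ti]]])
        # Literal pattern token: must equal the input token.
        return walk(pi + 1, ti + 1, binds) if tok == p.lower() else None
    return walk(0, 0, [])

def bind(addr, class_p):
    """Map $1..$4 to the matched text, or None when the rule does not fire."""
    found = match(LHS, tokenize(addr), {"P": class_p})
    if found is None:
        return None
    return {i + 1: "".join(toks) for i, toks in enumerate(found)}

if __name__ == "__main__":
    addr = "user<@host.example.test>"      # constructed address
    # Class P holding only "." : $~P takes the last label, the rule fires.
    print(bind(addr, {"."}))
    # A whole hostname in class P never equals the single token "test",
    # so the rule still fires and $2 $3 goes to the $[ ... $] lookup.
    print(bind(addr, {"host.example.test"}))
    # The rule is skipped only when the last token itself is in class P.
    print(bind("user<@host.example.test.>", {"."}))
    print(bind(addr, {"test"}))
```
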