Majordomo-Users: Re: Security hole

Majordomo-Users
(April 2004)

Indexed By Thread: [Previous] [Next]

Subject:	Re: Security hole
From:	mp @ gtt-technologies . de
Date:	Fri, 02 Apr 2004 15:04:06 +0200
To:	Daniel Liston <dliston @ sonny . org>
Cc:	majordomo-users @ greatcircle . com
In-reply-to:	<406C9919.C3686A63@sonny.org>

Thanks, Dan.
I think I understand now.

Restrict_post and Reply_to are absolutly correct set and are not the reason for our 
problem. It's that alias address that shows up in a "Received: from" section of the mail 
header.
Here's an excerpt of a typical newsletter mail from our list-server:

Return-path: <owner-gtt-news@gttserv.lth.rwth-aachen.de>                   
Envelope-to: mp@gtt-technologies.de                                        
Delivery-date: Thu, 15 Jan 2004 16:39:28 +0100                             
Received: from [134.130.64.4] (helo=gttserv.lth.rwth-aachen.de)
	by mxng16.kundenserver.de with esmtp (Exim 3.35 #1)
	id 1Ah9ai-0008IJ-00; Thu, 15 Jan 2004 16:39:28 +0100                       
Received: from gttserv.lth.rwth-aachen.de (localhost [127.0.0.1])
	by gttserv.lth.rwth-aachen.de (8.12.3/8.12.3/SuSE Linux 0.6) with ESMTP id i0FFObdr020855
	for <gtt-news-list@gttserv.lth.rwth-aachen.de>; Thu, 15 Jan 2004 16:24:37 +0100
Received: (from mdom@localhost)
	by gttserv.lth.rwth-aachen.de (8.12.3/8.12.3/Submit) id i0FFObKn020854
	for gtt-news-list; Thu, 15 Jan 2004 16:24:37 +0100                         
X-Authentication-Warning: gttserv.lth.rwth-aachen.de: mdom set sender to owner-gtt-
news@gttserv.lth.rwth-aachen.de using -f
Date: Thu, 15 Jan 2004 16:24:29 +0100 (MET)
From: sp@gtt-technologies.de
Subject: GTT-News, Issue 38
X-Sender: sp@gtt-ws7.lth.rwth-aachen.de                                    
To: GTT-News@gtt-technologies.de

The insecure address we're talking about is gtt-news-list@gttserv.lth.rwth-aachen.de. 
Normal action on a mail like the one above would never result in sending a mail back to 
this address.

We're using Suse Linux 8.0 on our server, which installed Majordomo and sendmail with 
standard configuration.
I know, what you would say now: Never use standard configuration, since it is a 
compromise to all possible users!
I will now try to understand the current config of our sendmail and it's mail address 
aliases and figure out how to change it to meet our requirements. 
Since I never worked with it before, it looks like it's getting to be a very time consuming 
process ... :-(

Thanks again for your help.

Best regards 
Matthias Paetzold 
GTT-Technologies

Follow-Ups:

Re: Security hole
From: Daniel Liston <dliston@sonny.org>

References:

Re: Security hole
From: Daniel Liston <dliston@sonny.org>

Indexed By Date	Previous:	Re: Security hole From: Daniel Liston <dliston@sonny.org>
Indexed By Date	Next:	Re: Security hole From: Daniel Liston <dliston@sonny.org>
Indexed By Thread	Previous:	Re: Security hole From: Daniel Liston <dliston@sonny.org>
Indexed By Thread	Next:	Re: Security hole From: Daniel Liston <dliston@sonny.org>