[Esd-l] FYI critical sendmail vulnerability

Brett Glass brett at lariat.org
Tue Mar 4 00:45:41 PST 2003

At 08:44 PM 3/3/2003, John D. Hardin wrote:
>...and if I had a sample I could sanitize it.

But by then it would be too late. Procmail doesn't get the message
until after Sendmail does.

I don't even think it's possible to use Milter to catch the
headers in time.

But you COULD use smtpd or a transparent proxy.


More information about the esd-l mailing list