[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] POP before SMTP, Open relay still open

Subject: Re: [cobalt-users] POP before SMTP, Open relay still open
From: "Jonathan Michaelson" <michaelsonjd@xxxxxxxxxxx>
Date: Thu Jul 5 17:53:04 2001
List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>

> > Either yesterday or even earlier today, a hack was posted to close the
> > vulnerability.  You should find it here:
> > http://list.cobalt.com/pipermail/cobalt-security/2001-July/002689.html
>
> I applied the hack as directed, although I am on a RaQ3, and it is still
> allowing the relay :( Has anyone successfully patched a RaQ3 yet?

If you tested the exploit before applying the hack, did you delete the
offending IP from the poprelayd database before running the exploit again?

To do so, use the following to list the IP's in the database:
perl /usr/local/sbin/poprelayd -p

And use the following to delete the offending IP (e.g. 66.66.66.66):
perl /usr/local/sbin/poprelayd -r 66.66.66.66

Now add the hack and test the exploit to see if 66.66.66.66 is re-entered
into the poprelayd d/b.

Regards,
Jonathan Michaelson
Way to the Web Ltd
Commercial Perl CGI Scripting

Follow-Ups:
- RE: [cobalt-users] POP before SMTP, Open relay still open
  - From: J. Patrick Lanigan

References:
- RE: [cobalt-users] POP before SMTP, Open relay still open
  - From: J. Patrick Lanigan

Prev by Date: [cobalt-users] ACTINIC software
Next by Date: Re: [cobalt-users] POP before SMTP, Open relay still open
Previous by thread: RE: [cobalt-users] POP before SMTP, Open relay still open
Next by thread: RE: [cobalt-users] POP before SMTP, Open relay still open

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index