Kevin Vance - Also, I've received >30 emails about the sendmail hole since it…

Entries | Archive | Friends | Friends' Friends | User Info

04:04 pm

Tuesday, March 4th, 2003
Previous Entry Share Next Entry
Also, I've received >30 emails about the sendmail hole since it was publicly released. Including one from OIT which was sent to everyone on UMD's network with port 25 open, with instructions on how to disable sendmail if you don't actually want it, or how to get the patch if you do. Every sysadmin should do this.

Anyway, here's a quick way to check if your sendmail binary is patched:

strings sendmail | grep 'Dropped invalid comments from header address'

That string is only in the fixed version, so if it's not there, you need to patch.

And hopefully this will be my last post about sendmail :)
Link )Reply )