[BUGS] [root: seaholm security check output]

jonathan michaels jlm at caamora.com.au
Wed Jan 23 20:18:56 EST 2008 

On Wed, Jan 23, 2008 at 07:46:01PM +1100, Jerahmy Pocott wrote:
> 
> On 23/01/2008, at 6:41 PM, jonathan michaels wrote:
> 
> > Jan 23 03:15:52 sendmail[19172]: NOQUEUE: pooladsl- 
> > b-15-132.ipcom.comunitel.net [212.145.238.132] did not issue MAIL/ 
> > EXPN/VRFY/ETRN during connection to MTA
> > Jan 23 03:16:05 sendmail[19174]: NOQUEUE:  
> > dsl.dynamic851001276.ttnet.net.tr [85.100.12.76] (may be forged) did  
> > not issue MAIL/EXPN/VRFY/ETRN during connection to MTA
> 
> If they are connecting and not doing thing, maybe it's actually a DoS  
> attack?

i recall somebody saying somethinglike that a while ago when i
raised those types in discussion about various discrepancies, i
didn't understand.

> 
> M4 Macro: confTO_COMMAND
> Variable: Timeout.command
> 
> The default for that value is 1 hour, which I believe means sendmail  
> will wait an entire hour for a connection to send a command before it  
> decides to drop it.. I don't think that's a reasonable time out in  
> this day and age, you might want to try setting it to 5 minutes (which  
> is the minimum timeout period specified by RFC 2821 section 4.5.3.2  
> for command to be issued).

noted, understood and will make teh change ... sounds sensible
to me.

> I am confused by:

so its not, just, me,
 
>  > Jan 23 03:06:27 m0MG6L119176: forward /var/spool/uucppublic/.forward 
> +: World writable directory
> 
> I never use uucp, but that directory is SUPPOSED to be world writable  
> for it to work properly as far as I know.. 

yes, that is the way i have always run sendmail, and part of
teh reason that i haven't upgraded, yet .. 

> Are you using uucp?

i started out by getting my mail/usenet via uucp in a
reasonable well running netware/os2/pcdos network that i
converted to os9 then to qnx and finally to freebsd after 3
years it settled down and has been running fro 10 plus years
relatively stable and now reliable.

> I don't think sendmail is configured to even accept uucp by
> default, though I guess it might have been back in 97..

it was not, i converted from smail to sendmail, that was a
nightmare on its own, uucp wasn't much of a favorite, in '97
and has gone down hill since then. i still have a few friends
who use old computers setup with ms dos and os/2 and pc dos and
we still run uucp over a fidonet based pc dos tcp/ip network
... tis amazing how far things have come and how much they have
not changed, life, indeed.

> Hmm..

does anybody know if its possible to still run uucp on teh
current sendmail, yes, teh docs say it should, but has anyone
tried ?? or is smail/zmailer a better way to go ?? 

regards

jonathan

-- 
================================================================
powered by ..
QNX, OS9 and freeBSD  --  http://caamora com au/operating system
==== === appropriate solution in an inappropriate world === ====

More information about the BUGS mailing list