John Stauffacher stauffacher at chapman.edu
Tue Mar 4 00:18:21 GMT 2003

Anybody out there having issues compiling 8.12.8 on sunOS 5.6? Looks like
the new patch broke it. Or it could just be my system. Weirder things have

John Stauffacher
Network Administrator
Chapman University
stauffacher at chapman.edu
"I ran out of sick days, so I called in dead" 
"The man who does not read good books has no advantage over the man who
cannot read them." -Mark Twain  (1835-1910)

"It is from numberless diverse acts of courage and belief that human history
is shaped. Each time a man stands up for an ideal, or acts to improve the
lot of others, or strikes out against injustice, he sends forth a tiny
ripple of hope, and crossing each other from a million different centers of
energy and daring those ripples build a current which can weep down the
mightiest walls of oppression and injustice." - Robert F Kennedy

Pursuant to 47 USC, unsolicited e-mail sent to any of my addresses is
subject to an archival fee of not less than $500 U.S. per copy. E-mail
received after any receipt of this notice implies acceptance of these terms.
A copy of the specific law regarding this activity may be found at

-----Original Message-----
From: Peter Ruprecht [mailto:ruprech at jilau1.Colorado.EDU] 
Sent: Monday, March 03, 2003 1:19 PM
To: mark.borrie at otago.ac.nz
Cc: unisog at sans.org

>From the CERT advisory at http://www.cert.org/advisories/CA-2003-07.html:

"A successful attack against an unpatched sendmail system will not
leave any messages in the system log. However, on a patched system, an
attempt to exploit this vulnerability will leave the following log

Dropped invalid comments from header address

Although this does not represent conclusive evidence of an attack, it
may be useful as an indicator.

A patched sendmail server will drop invalid headers, thus preventing
downstream servers from receiving them. "

So it looks like if the message passes through an 8.12.8 server, it should
be "disinfected".

Peter Ruprecht
JILA / University of Colorado

On Tue, 4 Mar 2003, Mark Borrie wrote:

> Does anyone know if sendmail 8.12.8 etc fixes the offending
> headers or passes them onto other servers unaltered. This is
> important in deciding how quickly we attend to upgrading sendmail
> inside the campus.

More information about the unisog mailing list