The queue files placed into the queue by sendmail must be well protected by defining
narrow default permissions with the TempFileMode option (§24.9.118 on page
1097) prior to V8.12, or the QueueFileMode option (§24.9.90 on page 1071) beginning
with V8.12. A default of 0600 is best for the main queue, and a default of 0660
is recommended for the MSP queue.
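The following is an added example, not code from the book: a POSIX shell check that lists queue files whose permissions are wider than the defaults recommended above (0600 for the main queue, 0660 for the MSP queue). The function names and the sample files are constructed for illustration; pass your own queue directory as the first argument.

```shell
#!/bin/sh
# Added example: flag queue files whose mode is wider than the policy allows.

# audit_queue_modes DIR ALLOWED
#   ALLOWED is an octal mode such as 0600 (main queue) or 0660 (MSP queue).
#   Prints each regular file under DIR with a permission bit outside ALLOWED
#   and returns 1 if any were found, 0 otherwise.
audit_queue_modes() {
    dir=$1
    allowed=$2
    set --    # reuse "$@" to build the find(1) expression
    for bit in 04000 02000 01000 0400 0200 0100 0040 0020 0010 0004 0002 0001; do
        if [ $(( $allowed & $bit )) -eq 0 ]; then
            [ $# -gt 0 ] && set -- "$@" -o
            set -- "$@" -perm "-$bit"    # POSIX: true if this bit is set
        fi
    done
    [ $# -eq 0 ] && return 0             # every bit allowed, nothing to flag
    bad=$(find "$dir" -type f \( "$@" \) -print)
    [ -z "$bad" ] && return 0
    printf '%s\n' "$bad"
    return 1
}

# make_sample_queue: constructed test data, not a real queue. Creates a
# temporary directory with one 0600 file, one 0660 file and one 0644 file.
make_sample_queue() {
    q=$(mktemp -d) || return 1
    : > "$q/qfSAMPLE1"; chmod 0600 "$q/qfSAMPLE1"
    : > "$q/qfSAMPLE2"; chmod 0660 "$q/qfSAMPLE2"
    : > "$q/dfSAMPLE3"; chmod 0644 "$q/dfSAMPLE3"
    printf '%s\n' "$q"
}

# Stand-alone run against the sample directory.
sample=$(make_sample_queue)
echo "Files wider than 0600:"; audit_queue_modes "$sample" 0600 || true
echo "Files wider than 0660:"; audit_queue_modes "$sample" 0660 || true
rm -rf "$sample"
```

A nonzero return from the audit means some existing file is wider than the policy; the mode options only govern files created afterwards, so existing files need a chmod as well.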
This is the Title of the Book, eMatter Edition
Copyright © 2007 O'Reilly & Associates, Inc. All rights reserved.
172 | Chapter 4: Maintain Security with sendmail
4.7.2 Forging with SMTP
We won't illustrate the SMTP interaction here. But note that anyone can connect to
your local sendmail via telnet(1) at port 25 or run sendmail with the -bs command-line
switch. Once connected, sendmail must, of necessity, believe everything it
receives. The only exception is the hostname sent in the HELO or EHLO message.*
In that case, the sendmail program looks up the real hostname based on the connection.
If the stated hostname and the real hostname differ, the false name is used as
the name of the sending host with the real name added in parentheses:
250 your.host Hello false.host (real.host), pleased to meet you
The real hostname is then used as the sending hostname in the construction of all
headers. The result (the header and body received by the user) might look something
like this:
From root@false.