Re: sendmail 8.14 has a serious memory corruption bug in it

[Claus Assmann <dragonfly-kernel@xxxxxxxxx>]

On Tue, Feb 19, 2008, Constantine A. Murenin wrote:
> On 19/02/2008, Claus Assmann <dragonfly-kernel@esmtp.org> wrote:

> > No, they don't. I asked twice. (I could explain to you why they

> I'm quite curious what the reason is -- do you mind sharing it?

I have only a single static IP (it's an old contract). PacBell/AT&T
only delegates reverse DNS to you if you have at least 6 (8?) static
IP addresses. Changing to that doubles the amount of money I would
have to pay. I've considered changing ISPs instead (BTW: why are
static IP so expensive in the US? It's more than twice the amount
of dynamic IPs...)

> On a side note, if I were you, I'd probably complain to the ISP for
> not specifying in their rDNS that your IP-address is static.

How should they do that? I don't know of any "policy" at AT&T to
do so... (or any "official" standard).

BTW: the IP address (63.195.85.27) is not in any "DNS based blocklist"
that I know of. It's not even "classified" as dynamic IP in any of
those. Moreover, there is a PTR record for it (as those who claim
to know something about RFCs could have easily checked.)

> It would be nice if it was possible to configure sendmail to not block
> any STARTTLS secure mail regardless of the ip or rDNS of the sender,

That's not a good idea. Spammers can easily set up TLS.

> as you web-page suggests; but to my knowledge, such configuration of
> sendmail is quite non-trivial, so most people don't use it. If you
> could provide some examples on the web-page where you make this
> suggestion, or, better yet, include such examples in the default
> configuration file, it would, IMHO, be the best approach to this
> problem.

I'll take a look, thanks for the suggestion.