VERSION 3.1.8 -- 5/21/2008

Fixed smtp_filter() to reject the DATA command if no valid recipients have been specified. Otherwise, a specific scenario could result in every spamdyke installation being used as an open relay. If the remote server connects and gives one or more recipients that are rejected (for relaying or blacklisting), then gives the DATA command, spamdyke will ignore all other commands, assuming that message data is being transmitted. However, because all of the recipients were rejected, qmail will reject the DATA command. From that point on, the remote server can give as many recipients as it likes and spamdyke will ignore them all -- they will not be filtered at all. After that, the remote server can give the DATA command and send the actual message data. Because spamdyke is controlling relaying, the RELAYCLIENT environment variable is set and qmail won't check for relaying either. Thanks to Mirko Buffoni for reporting this one.

Fixed compiling with gcc 3.4.6 (on old Gentoo installations), which requires a "-Wp,-Wno-trampolines" flag to suppress a warning about trampoline functions. Thanks to Thorsten Puzich for reporting and helping me fix this one.

Fixed compiling on CentOS 3.8, which installs the krb5.h in /usr/kerberos/include instead of /usr/include. Thanks to Bruce Schreiber for reporting this one.

Changed middleman() to reset the idle timeout timer while waiting for qmail's responses. It's not fair to disconnect a remote server because qmail is running slow. The connection timeout timer is always enforced, however.

Fixed a bug in middleman() to reset the idle timeout timer every time data is read from the remote server. Previously, the timer was only reset when data was read and the buffer was empty. This was causing large messages from fast remote servers to timeout during delivery. Thanks to Eric Shubert for reporting and helping me fix this one.

thx =]

Reproducible: Always
Version bumped, now in portage. Thanks.
Hi Tupone, can you always put the x86 keyword for this package? I already wrote bug #222829 about it =] Thx.
Secunia writes:

A vulnerability has been reported in spamdyke, which can be exploited by malicious people to bypass certain security restrictions.

The vulnerability is caused due to "smtp_filter()" not properly restricting the DATA command if no valid recipient was specified. This can be exploited to e.g. abuse a spamdyke installation as open mail relay by sending a certain sequence of recipient data and DATA commands.

The vulnerability is reported in versions prior to 3.1.8.

Solution: Update to version 3.1.8.

Provided and/or discovered by: The vendor credits Mirko Buffoni.
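The state-tracking rule from the changelog and the advisory, as an added example that is not spamdyke's code and not part of any comment in this bug: a filtering proxy refuses DATA when it has accepted no recipient. All names, the `local.example` recipient rule and the 354 check (the SMTP reply that starts message data) are assumptions for illustration; the 354 check goes beyond what the changelog states.

```c
#include <stdbool.h>
#include <string.h>
#include <strings.h>
/* Added illustration; hypothetical names, not spamdyke's source. */
enum verdict { PASS_TO_BACKEND, REJECT_LOCALLY };

struct session {
    int  valid_rcpts; /* recipients the filter accepted in this transaction */
    bool in_data;     /* true only once the backend has accepted DATA */
};

/* Stand-in for the relay/blacklist checks (constructed rule and domain). */
static bool rcpt_allowed(const char *line) {
    return strstr(line, "@local.example>") != NULL;
}

/* Classify one line (CRLF already stripped) from the remote server. */
enum verdict filter_line(struct session *s, const char *line) {
    if (s->in_data) {                     /* message body: not parsed as commands */
        if (strcmp(line, ".") == 0) {     /* end of message: new transaction */
            s->in_data = false;
            s->valid_rcpts = 0;
        }
        return PASS_TO_BACKEND;
    }
    if (strncasecmp(line, "MAIL FROM:", 10) == 0 || strncasecmp(line, "RSET", 4) == 0) {
        s->valid_rcpts = 0;               /* transaction (re)starts */
        return PASS_TO_BACKEND;
    }
    if (strncasecmp(line, "RCPT TO:", 8) == 0) {
        if (!rcpt_allowed(line))
            return REJECT_LOCALLY;        /* never reaches the backend */
        s->valid_rcpts++;
        return PASS_TO_BACKEND;
    }
    /* Rule from the 3.1.8 changelog: no valid recipient, no DATA. */
    if (strncasecmp(line, "DATA", 4) == 0 && s->valid_rcpts == 0)
        return REJECT_LOCALLY;
    return PASS_TO_BACKEND;
}

/* Extra safeguard (assumption, not from the page): enter body mode only
   when the backend answers DATA with 354, never on the command alone. */
void backend_replied(struct session *s, const char *cmd, int code) {
    if (strncasecmp(cmd, "DATA", 4) == 0 && code == 354)
        s->in_data = true;
}

int main(void) { struct session s = {0, false}; return filter_line(&s, "DATA") == REJECT_LOCALLY ? 0 : 1; }
```

With both checks the filter's idea of "message data is being transmitted" cannot diverge from the backend's, so later RCPT commands are still filtered.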
Right now this ebuild is already bumped, but we have a keyword regression. x86 team, please ~x86: =mail-filter/spamdyke-3.1.8
24 May 2008; Tupone Alfredo <tupone@gentoo.org> spamdyke-3.1.8.ebuild: Adding again ~x86
closing without GLSA, since it is not marked stable for any arch