What's new wrt e-mail?
Last Update 1999-02-08
Here you can find some news with respect to e-mail,
esp.
sendmail.
sendmail 8.9.3 available
sendmail 8.9.3
is available (1999-02-04),
The only major change since 8.9.2 is a fix for the headers denial of
service attack posted to BugTraq.
See the
RELEASE_NOTES
for changes since 8.9.2.
sendmail 8.9.2 available
sendmail 8.9.2
is available (1999-01-01).
See the
RELEASE_NOTES
(HTML version, PGP won't work)
for changes since 8.9.1.
sendmail 8.9.2.Beta4 available
sendmail 8.9.2.Beta4
is available (1998-12-22).
It contains some
small bug fixes
(HTML version, PGP won't work)
(wierd relaying cases, interactions with
DB 2, etc).
sendmail 8.9.1 has been released
sendmail 8.9.1
has been released (1998-07-02).
It contains some
small bug fixes
(installation etc).
To quote
Eric Allman:
Most changes are small
bug fixes; perhaps the most important change is that the updated
license has been modified to clarify some of the terms.
sendmail 8.9.1 has a
bug with respect to the prevention of unauthorized relay attempts
which can be fixed by
a patch for cf/m4/proto.m4
.
There is a small bug in 8.9.{0,1} wrt overriding the
RBL
which can be fixed by
another patch for cf/m4/proto.m4
.
sendmail 8.9.0 has been released
sendmail 8.9.0
has been released (1998-05-20).
It turns off
relaying
by default,
and provides
several new features
against
UBE.
See the
announcement
for some details,
the
RELEASE NOTES
for all changes,
or below for other features (and links).
BTW:
sendmail is now a trademark of
Sendmail, Inc.
sendmail 8.9 Beta5 has been released
sendmail 8.9 beta5
has been released (1998-03-31).
See the
release notes
for all details,
or below for other features (and links).
sendmail 8.9 Beta3 has been released
sendmail 8.9 beta3
has been released (1998-03-17).
It contains
several new features;
e.g.,
it turns off
relaying
by default,
and it provides measures against
UBE.
See the
release notes
for all details.
CNN Interactive
has an article about the new release:
Spam foes get new weapon - March 17, 1998,
as well as
Wired News.
sendmail 8.8.8 has been released
sendmail 8.8.8
has been released
(1997-10-24).
It contains some small fixes.
See the
release notes
for more details.
sendmail 8.8.7 has been released
sendmail 8.8.7
has been released.
It contains only some small bug fixes.
See the
release notes
for more details.
sendmail 8.8.6 has been released
sendmail 8.8.6
has been released.
It doesn't contain new features, but some bug fixes and
security enhancements for wierd configurations and systems.
See the
release notes
for more details.
sendmail 8.8.5 available
sendmail 8.8.5
is available at the
usual places.
It fixes a security problem and some other stuff.
From
Eric Allman's e-mail
:
This release fixes a nasty security bug that allows an external
attacker to get root privileges. This problem appeared in 8.8.3.
It is essential that you upgrade ASAP if you are running 8.8.3 or
8.8.4. If you cannot upgrade immediately, turn off the F=9 flag
on the local and prog mailers. You can do this by editing the
/etc/sendmail.cf file and look for the lines beginning Mlocal and
Mprog. Find the field beginning "F=" and delete the digit "9"
from the following string. Then restart the sendmail daemon.
If your configuration file does not include the F=9 flag, then
you are not vulnerable. A CERT Advisory on this vulnerability
will be released soon.
sendmail 8.8 available
sendmail 8.8
has been released
on
several FTP servers.
I've put together some of the
changes
I find most interesting.
The
RELEASE_NOTES
have a complete listing.
The
Sendmail Installation and Operation Guide
is available in HTML format for sendmail 8.8.
The
README
file from sendmail/cf describes the configuration options
for your sendmail.cf file,
if you generate it from a .mc file with the m4 macros.
Unfortunately,
spamming
is a big issue today.
Use
the new check_* rulesets in sendmail 8.8
to fight junk e-mail (UCE).
[(links)]
[Hints]
[Avoiding UBE]
[cf/README]
Copyright ©
Claus Aßmann
Please send comments to:
<ca@sendmail.org>