[Mailman-Users] Problems with SMTPDirect / Security Bug?

Nigel Metheringham Nigel.Metheringham at VData.co.uk
Tue May 23 10:30:11 CEST 2000


palsina at chasque.net said:
> Using SMTPDirect as delivery module just times out, not sending any
> mail out. I used Sendmail as MTA, and saw a few messages on this board
> suggesting that Postfix was faster, so I replaced sendmail with
> Postfix. 

You are running a SMTP daemon on 127.0.0.1 [or actually on whatever 
address SMTPHOST is set to]?

If you telnet to that address/port do you see the initial SMTP banner 
in a reasonable length of time?  Can you then go through the basic SMTP 
commands that would be used for sending a message (HELO, MAIL FROM, 
RCPT TO) and have it turn those round in reasonable time?
It's most likely the MTA that is misconfigured - either not listening, 
or trying to verify everything and taking lots of time about it.


palsina at chasque.net said:
> Looking at the code, I see that the recipient list is not sanitized
> before invoking the shell. Unless I'm wrong, one could subscribe an
> 'larry;command_here;@none.com' and make the command_here to get
> executed!

Ugh.  I'm going to repeat my comment that I don't think Sendmail.py is 
ready for prime time.

> 	I'm going to try to patch the Sendmail.py to put each recipient
> between '' to avoid shell expansion. Hope that will do. 

It would be better not to shell at all - the argument list should be 
built up in Python and then exec-ed across without a shell being 
involved (since a shell has nothing to contribute here except burning 
some CPU cycles and lousing up the argument lists).

	Nigel.
-- 
[ - Opinions expressed are personal and may not be shared by VData - ]
[ Nigel Metheringham                  Nigel.Metheringham at VData.co.uk ]
[ Phone: +44 1423 850000                         Fax +44 1423 858866 ]
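
Added example, not part of the message above and not Mailman's own code: a sketch of the "build the argument list in Python and exec without a shell" approach, showing that the recipient quoted in the thread reaches the program as one literal argument. The function names are hypothetical, a small Python program stands in for the MTA binary so the example runs offline, and the "--" end-of-options separator is an assumption about the invoked program.

```python
import json
import subprocess
import sys

# Stand-in for the MTA binary (assumption, so the example runs offline):
# a tiny Python program that reports the argument vector it was given.
ECHO_ARGV = [sys.executable, "-c",
             "import sys, json; sys.stdin.read(); print(json.dumps(sys.argv[1:]))"]


def build_argv(program, sender, recipients):
    """Build the argument vector as a Python list, one element per recipient."""
    for addr in recipients:
        # NUL cannot appear in an argv element; CR/LF have no place in an address.
        if not addr or "\0" in addr or "\n" in addr or "\r" in addr:
            raise ValueError("bad recipient: %r" % (addr,))
    # "--" ends option parsing, so an address starting with "-" is not
    # read as a command-line switch by the program.
    return list(program) + ["-f", sender, "--"] + list(recipients)


def deliver(program, sender, recipients, message):
    """Run the program directly (no shell) and feed the message on stdin."""
    argv = build_argv(program, sender, recipients)
    done = subprocess.run(argv, input=message, capture_output=True,
                          text=True, shell=False, check=True)
    return done.stdout


def argv_seen_by_program(sender, recipients, message="Subject: test\n\nbody\n"):
    """Return the arguments the stand-in program actually received."""
    return json.loads(deliver(ECHO_ARGV, sender, recipients, message))


if __name__ == "__main__":
    # Constructed sample recipients, including the one quoted in the thread.
    rcpts = ["larry;command_here;@none.com", "-bounces@none.com", "a b@none.com"]
    for arg in argv_seen_by_program("list-admin@example.com", rcpts):
        print(repr(arg))
```

Because no shell parses the command line, the semicolons and the space arrive as ordinary characters inside a single argument, so quoting the recipients is unnecessary.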





