[CentOS] saslauthd for sendmail SMTP relay
Ian Blackwell
ian at ikel.id.au
Sun May 25 22:54:03 UTC 2008
Bernd Bartmann wrote:
> It did start without any problems. Looks like I found the cause. From
> the logs I see that someone tried a brute force attach on the SMTP
> relay with several username / password combinations. Then one of the
> attempts lead to a segfault of saslauth. Which probably means that
> there is a bug in saslauthd as it should not be possible to crash a
> service just by suppling a "weird" comibination of input data.
>
Sounds to me like you should consider running SELinux - that is if you
aren't already :-) . Of course it won't solve the segfault, but it
should restrict any damage a compromised saslauthd process can do.
Anyway, glad you're on track again.
Ian
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3617 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.centos.org/pipermail/centos/attachments/20080526/b8cd8083/attachment.bin>
More information about the CentOS
mailing list