[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
AIX sendmail open relay
This is a relatively minor problem as things go, but after almost 4
years and at IBM's unofficial request (see the last para.)...
-----BEGIN PGP SIGNED MESSAGE-----
SDSC Security Note - March 13, 2003
IBM AIX sendmail an open-relay by default
IBM's AIX is the flagship IBM UNIX offering. Almost all versions, up
to the latest 5.2, deliberately ship as open email relays. Some IBM
patches and upgrades for Sendmail have discarded local site changes
and re-installed the vulnerable sendmail.cf.
IBM has been notified of this problem via several channels, at various
times since October 1999.
IBM has chosen to ship a sendmail configuration for AIX that makes
servers as an open SMTP relay. Even though they are shipping newer
versions of Sendmail software that are not are not open by default,
IBM intentionally discards the non-relay configuration file and ships
a default sendmail.cf that makes the system an open relay.
SDSC and other customers have notified IBM about this problem at
almost every AIX release since at least 1999. It has been an "open
issue" with IBM since that time.
IBM's comments in 1999 (and since) have boiled down to "put your
systems behind firewalls". Later responses have been "users are
responsible for the configuration of their systems", and "our other
users insist on this default configuration".
While we agree that users *are* responsible for the configurations of
their systems, it is unfriendly to customers to ship software that,
from the open source community is safe, but has been intentionally
made unsafe from IBM. This violates the principle of least
astonishment, and only adds to the user's workload.
Any IBM AIX system that uses the default sendmail.cf from IBM will be
an open relay.
SDSC discovered this and reported it for the first time in October
1999, when we discovered during installation that our new
supercomputer (bluehorizon.sdsc.edu, an 1152 processor SP2) had the
capability to be the world's fastest SPAM relay. We replaced the
sendmail.cf with a more rational one.
Many of IBM's AIX upgrades, have silently over-written our sendmail.cf
with a vulnerable file from IBM. We have notified IBM of this issue
at every OS release.
As you can see from this ".mc" file from AIX 5.2, IBM has
intentionally turned on the "promiscuous_relay",
"accept_unresolvable_domains" and "accept_unqualified_senders"
features. All of these are SPAM-friendly.
# Sample AIX file
After trying to work this through various support channels, we were
finally told, by anonymous IBM support and developers, "very
unofficially", that the only way to get this resolved would be to make
Tom E. Perrine <tep@xxxxxxxx> | San Diego Supercomputer Center
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
Comment: Processed by Mailcrypt 3.5.7 <http://mailcrypt.sourceforge.net/>
-----END PGP SIGNATURE-----