[KLUG Members] using sendmail to block spam
Robert G. Brown
members@kalamazoolinux.org
Fri, 10 Jan 2003 15:31:56 -0500
>> >>From the web page:
>> > "First apply _this_patch_ to the source."
>> >Where "this patch" is a link to:
>> > http://www.sdsc.edu/~jeff/spam/sendmail-8.11.6.patch
>> >Which looks like a source code patch to me.
>> They're patching a lot of .m4 files.
>Yeah, you're right. The "ifdef" and "define" stuff through me.
I looked at what files they were patching... pretty specific stuff
in some fairly general .m4 files. THis is a source of csome concern,
especially on an upgrade.
>But in any case, it's still "YUCK". That only eliminates the "make"
>part of getting this to work. Upgrading to new releases of sendmail
>could still be a pain getting the patches to install.
Could? I'dsay "probably" m4 is a good place to introudce a lot of new
functionality, and if they're doing that , some of this code may change
a lot. I'd be pleased to see this as a mistaken view, but I am quite
the pessimist when it comes to predicting the lifetime of code, it tends
to be short. A good deal of understanding of the structure of the software
is critical to making anyforecasts, I can;t even pretend to have such
knowledge of sendmail.
>And when the next exploit of Sendmail is found, you'll definitely want
>to upgrade ASAP! :-)
Right, each time there's an upgrade, one has to go through similar
re-examining pains. Yes, there are ways to streamline it, but unless
sendmail is near the top of your life (or job) priorities, it's best
not to play this game.
Regards,
---> RGB <---