[KLUG Members] using sendmail to block spam

[Robert G. Brown]

>> >>From the web page:
>> >  "First apply _this_patch_ to the source."
>> >Where "this patch" is a link to:  
>> >  http://www.sdsc.edu/~jeff/spam/sendmail-8.11.6.patch
>> >Which looks like a source code patch to me.
>> They're patching a lot of .m4 files.
>Yeah, you're right.  The "ifdef" and "define" stuff through me.
I looked at what files they were patching... pretty specific stuff
in some fairly general .m4 files. THis is a source of csome concern,
especially on an upgrade.

>But in any case, it's still "YUCK".  That only eliminates the "make"
>part of getting this to work.  Upgrading to new releases of sendmail
>could still be a pain getting the patches to install.
Could? I'dsay "probably" m4 is a good place to introudce a lot of new 
functionality, and if they're doing that , some of this code may change
a lot. I'd be pleased to see this as a mistaken view, but I am quite
the pessimist when it comes to predicting the lifetime of code, it tends
to be short. A good deal of understanding of the structure of the software
is critical to making anyforecasts, I can;t even pretend to have such 
knowledge of sendmail.

>And when the next exploit of Sendmail is found, you'll definitely want
>to upgrade ASAP!  :-)
Right, each time there's an upgrade, one has to go through similar 
re-examining pains. Yes, there are ways to streamline it, but unless 
sendmail is near the top of your life (or job) priorities, it's best 
not to play this game.
					Regards,
					---> RGB <---