 
Thu, 17 Jan 2002 02:43:21 -0500
|
On Thu, 17 Jan 2002 00:07:44 EST, Peter DiCamillo <[log in to unmask]> said:
> sites using sendmail in very much the same way. I searched
> newsgroups, and didn't find any reference to a problem like this for
> sendmail in general.
You might want to upgrade your Sendmail. There's this fix in 8.11.4:
To detect changes of NDBM aliases files check the timestamp of the
.pag file instead of the .dir file. Problem noted by Neil
Rickert of Northern Illinois University.
8.10.0 has this:
SECURITY: There is a potential for a denial of service attack if
the AutoRebuildAliases option is set as a user can kill the
sendmail process while it is rebuilding the aliases file
(leaving it in an inconsistent state). This option and
its use is deprecated and will be removed from a future
version of sendmail.
You may also want to do an 'ls -l' of the alias file, and whatever
alias.db, alias.dir, alias.pag files are created by 'newaliases'
or 'makemap', and check a 'df' of the partition as well. The logic
for many many releases was that Sendmail would look for a special
key/value pair '@:@' in the alias database, and if it was there,
the alias file was intact and usable - and that key was the last thing
inserted when newaliases ran.
If you're using the LSoft-supplied 'Makefile' to build the aliases,
make sure its setting of the ALIASES variable matches the sendmail.cf
setting of AliasFile.
Here's a quick sanity check: Make sure 'praliases' has a sane number of
entries in it (note that we use 3 seperate alias files - modify to suit
your local config):
[/etc/mail]2 grep -i aliasfile sendmail.cf
O AliasFile=/etc/mail/aliases,/etc/mail/aliases-lsv-local,/etc/mail/aliases-lsv-global
[/etc/mail]2 cat aliases aliases-lsv-local aliases-lsv-global | egrep -v 'Ø$|Ø#' | wc -l
102013
[/etc/mail]2 praliases | wc -l
102016
If the two numbers aren't anywhere near close, you have a problem.. (our 3 difference
is caused by a '@:@' pair for each alias file).
/Valdis
|
|
|
