What's new wrt e-mail?

Last Update 1999-02-08
Here you can find some news with respect to e-mail, esp. sendmail.

sendmail 8.9.3 available

sendmail 8.9.3 is available (1999-02-04), The only major change since 8.9.2 is a fix for the headers denial of service attack posted to BugTraq. See the RELEASE_NOTES for changes since 8.9.2.

sendmail 8.9.2 available

sendmail 8.9.2 is available (1999-01-01). See the RELEASE_NOTES (HTML version, PGP won't work) for changes since 8.9.1.

sendmail 8.9.2.Beta4 available

sendmail 8.9.2.Beta4 is available (1998-12-22). It contains some small bug fixes (HTML version, PGP won't work) (wierd relaying cases, interactions with DB 2, etc).

sendmail 8.9.1 has been released

sendmail 8.9.1 has been released (1998-07-02). It contains some small bug fixes (installation etc). To quote Eric Allman: Most changes are small bug fixes; perhaps the most important change is that the updated license has been modified to clarify some of the terms.

sendmail 8.9.1 has a bug with respect to the prevention of unauthorized relay attempts which can be fixed by a patch for cf/m4/proto.m4.
There is a small bug in 8.9.{0,1} wrt overriding the RBL which can be fixed by another patch for cf/m4/proto.m4.

sendmail 8.9.0 has been released

sendmail 8.9.0 has been released (1998-05-20). It turns off relaying by default, and provides several new features against UBE. See the announcement for some details, the RELEASE NOTES for all changes, or below for other features (and links). BTW: sendmail is now a trademark of Sendmail, Inc.

sendmail 8.9 Beta5 has been released

sendmail 8.9 beta5 has been released (1998-03-31). See the release notes for all details, or below for other features (and links).

sendmail 8.9 Beta3 has been released

sendmail 8.9 beta3 has been released (1998-03-17). It contains several new features; e.g., it turns off relaying by default, and it provides measures against UBE. See the release notes for all details. CNN Interactive has an article about the new release: Spam foes get new weapon - March 17, 1998, as well as Wired News.

sendmail 8.8.8 has been released

sendmail 8.8.8 has been released (1997-10-24). It contains some small fixes. See the release notes for more details.

sendmail 8.8.7 has been released

sendmail 8.8.7 has been released. It contains only some small bug fixes. See the release notes for more details.

sendmail 8.8.6 has been released

sendmail 8.8.6 has been released. It doesn't contain new features, but some bug fixes and security enhancements for wierd configurations and systems. See the release notes for more details.

sendmail 8.8.5 available

sendmail 8.8.5 is available at the usual places. It fixes a security problem and some other stuff. From Eric Allman's e-mail : This release fixes a nasty security bug that allows an external attacker to get root privileges. This problem appeared in 8.8.3. It is essential that you upgrade ASAP if you are running 8.8.3 or 8.8.4. If you cannot upgrade immediately, turn off the F=9 flag on the local and prog mailers. You can do this by editing the /etc/sendmail.cf file and look for the lines beginning Mlocal and Mprog. Find the field beginning "F=" and delete the digit "9" from the following string. Then restart the sendmail daemon. If your configuration file does not include the F=9 flag, then you are not vulnerable. A CERT Advisory on this vulnerability will be released soon.

sendmail 8.8 available

sendmail 8.8 has been released on several FTP servers. I've put together some of the changes I find most interesting. The RELEASE_NOTES have a complete listing.

The Sendmail Installation and Operation Guide is available in HTML format for sendmail 8.8. The README file from sendmail/cf describes the configuration options for your sendmail.cf file, if you generate it from a .mc file with the m4 macros.

Unfortunately, spamming is a big issue today. Use the new check_* rulesets in sendmail 8.8 to fight junk e-mail (UCE).


[(links)] [Hints] [Avoiding UBE] [cf/README]
Copyright © Claus Aßmann Please send comments to: <ca@sendmail.org>