Sendmail Open Source MTA
The 8.14.4 release of the sendmail open source MTA addresses a number of issues found in the previous release, including:
- Some certificate authorities do not properly check the requests they are signing and therefore allow spoofing via an embedded NUL in the CN entry. Some checks have been added to deal with "bogus" CNs (see below and doc/op/op.*).
- A workaround for a Linux resolver problem has been added to avoid core dumps.
- The value of headers, e.g., Precedence, Content-Type, et.al., was not extracted correctly thus preventing them from being recognized properly; leading spaces were not stripped (which was an unintended side effect of an earlier change) and therefore comparing them with expected values (e.g., "first-class" for Precedence) did not work.
- Between 8.11.7 and 8.12.0 the length limitation on a return path was erroneously reduced.
For a full list of changes see the release notes.
Please send bug reports and general feedback to one of the following addresses.
This version of the sendmail MTA can be downloaded here:
or on a mirror near to you.
If you use
without the required option
then 8.14.4 attempts to add this but may fail.
If you encounter this problem, either add the required option to
Since sendmail 8.11 and later includes hooks to cryptography, the
following information from OpenSSL applies to sendmail as well.
PLEASE REMEMBER THAT EXPORT/IMPORT AND/OR USE OF STRONG CRYPTOGRAPHY
SOFTWARE, PROVIDING CRYPTOGRAPHY HOOKS OR EVEN JUST COMMUNICATING
TECHNICAL DETAILS ABOUT CRYPTOGRAPHY SOFTWARE IS ILLEGAL IN SOME
PARTS OF THE WORLD. WHEN YOU IMPORT THIS PACKAGE TO YOUR
COUNTRY, RE-DISTRIBUTE IT FROM THERE, OR EVEN JUST EMAIL TECHNICAL
SUGGESTIONS, OR EVEN SOURCE PATCHES TO THE AUTHOR OR OTHER PEOPLE,
YOU ARE STRONGLY ADVISED TO PAY CLOSE ATTENTION TO ANY EXPORT/IMPORT
AND/OR USE LAWS WHICH APPLY TO YOU.
THE AUTHORS ARE NOT LIABLE FOR
ANY VIOLATIONS YOU MAKE HERE. SO BE CAREFUL, IT IS YOUR RESPONSIBILITY.
Show Release Notes