Rocksolid Light

Welcome to novaBBS (click a section below)

mail  files  register  newsreader  groups  login

Message-ID:  

Facts are stubborn, but statistics are more pliable.

computers / comp.mail.sendmail / Re: bare CR (was: 8.18.1)

SubjectAuthor
* sendmail 8.18.1 is availableClaus Aßmann
+* Re: sendmail 8.18.1 is availableRoberto CORRADO
|`* Re: bare CR (was: 8.18.1)Claus Aßmann
| `- Re: bare CRRoberto CORRADO
`* Re: sendmail 8.18.1 is availableHQuest
 `* Re: sendmail 8.18.1 is availableKalevi Kolttonen
  `* Re: sendmail 8.18.1 is availableHQuest
   `* Re: sendmail 8.18.1 is availableKalevi Kolttonen
    `- Re: sendmail 8.18.1 is availableKalevi Kolttonen

1
sendmail 8.18.1 is available

<upd6aq$tl0$1@news.misty.com>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=946&group=comp.mail.sendmail#946

  copy link   Newsgroups: comp.mail.sendmail
Path: i2pn2.org!rocksolid2!news.neodome.net!weretis.net!feeder6.news.weretis.net!news.misty.com!.POSTED.veps.esmtp.org!not-for-mail
From: INVALID_...@esmtp.org (Claus Aßmann)
Newsgroups: comp.mail.sendmail
Subject: sendmail 8.18.1 is available
Date: Wed, 31 Jan 2024 05:10:34 -0500 (EST)
Organization: MGT Consulting
Sender: <ml+sendmail(-no-copies-please)@esmtp.org>
Message-ID: <upd6aq$tl0$1@news.misty.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 8bit
Injection-Date: Wed, 31 Jan 2024 10:10:34 -0000 (UTC)
Injection-Info: news.misty.com; posting-host="veps.esmtp.org:155.138.203.148";
logging-data="30368"; mail-complaints-to="abuse@misty.com"
Mail-Copies-To: never
X-Newsreader: trn 4.0-test77 (Sep 1, 2010)
Originator: ca@x2.esmtp.org (Claus Assmann)
 by: Claus Aßmann - Wed, 31 Jan 2024 10:10 UTC

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Proofpoint, Inc., and the Sendmail Consortium announce the availability
of sendmail 8.18.1. This version enforces stricter RFC compliance
by default, especially with respect to line endings. This may cause
issues with receiving messages from non-compliant MTAs; please see
the first release note below for mitigations. It also adds full
DANE support provided an OpenSSL version with the required DANE
functions is used. For a complete list, see the release notes
below.

Please send bug reports and general feedback to one of the addresses
listed at: http://www.sendmail.org/email-addresses.html
https://www.proofpoint.com/us/products/email-protection/open-source-email-solution

The version can be found at
https://ftp.sendmail.org/sendmail.8.18.1.tar.gz
https://ftp.sendmail.org/sendmail.8.18.1.tar.gz.sig
https://ftp.sendmail.org/sendmail.8.18.1.tar.Z
https://ftp.sendmail.org/sendmail.8.18.1.tar.Z.sig

(or via ftp://ftp.sendmail.org/pub/sendmail/)

SHA-256 checksums
SHA256 (sendmail.8.18.1.tar.gz) = cbf1f309c38e4806f7cf3ead24260f17d1fe8fb63256d13edb3cdd1a098f0770
SHA256 (sendmail.8.18.1.tar.gz.sig) = 5e54a10405d786de23f9752ef6c5add1dba8e77af610956c18357841df94caca
SHA256 (sendmail.8.18.1.tar.Z) = c948661d51b7e5918e2d57b296be3c79e1dde8c7aa3791efec2dba29eb575de2
SHA256 (sendmail.8.18.1.tar.Z.sig) = a8ce8d7507aecf9149a92d8b789d2c1ec496a5e8d2613aa0aac2709894953c11

You either need the first two files or the third and fourth,
i.e., the gzip'ed version or the compressed version and the
corresponding sig file. The PGP signature was created using
the Sendmail Signing Key/2024, available on the web site
(http://www.sendmail.com/sm/open_source/download/) or on
the public key servers (keyid C71F6844).

Since sendmail 8.11 and later includes hooks to cryptography, the
following information from OpenSSL applies to sendmail as well.

PLEASE REMEMBER THAT EXPORT/IMPORT AND/OR USE OF STRONG CRYPTOGRAPHY
SOFTWARE, PROVIDING CRYPTOGRAPHY HOOKS OR EVEN JUST COMMUNICATING
TECHNICAL DETAILS ABOUT CRYPTOGRAPHY SOFTWARE IS ILLEGAL IN SOME
PARTS OF THE WORLD. SO, WHEN YOU IMPORT THIS PACKAGE TO YOUR
COUNTRY, RE-DISTRIBUTE IT FROM THERE OR EVEN JUST EMAIL TECHNICAL
SUGGESTIONS OR EVEN SOURCE PATCHES TO THE AUTHOR OR OTHER PEOPLE
YOU ARE STRONGLY ADVISED TO PAY CLOSE ATTENTION TO ANY EXPORT/IMPORT
AND/OR USE LAWS WHICH APPLY TO YOU. THE AUTHORS ARE NOT LIABLE FOR
ANY VIOLATIONS YOU MAKE HERE. SO BE CAREFUL, IT IS YOUR RESPONSIBILITY.

SENDMAIL RELEASE NOTES

This listing shows the version of the sendmail binary, the version
of the sendmail configuration files, the date of release, and a
summary of the changes in that release.

8.18.1/8.18.1 2024/01/31
sendmail is now stricter in following the RFCs and rejects
some invalid input with respect to line endings
and pipelining:
- Prevent transaction stuffing by ensuring SMTP clients
wait for the HELO/EHLO and DATA response before sending
further SMTP commands. This can be disabled using
the new srv_features option 'F'. Issue reported by
Yepeng Pan and Christian Rossow from CISPA Helmholtz
Center for Information Security.
- Accept only CRLF . CRLF as end of an SMTP message
as required by the RFCs, which can disabled by the
new srv_features option 'O'.
- Do not accept a CR or LF except in the combination
CRLF (as required by the RFCs). These checks can
be disabled by the new srv_features options
'U' and 'G', respectively. In this case it is
suggested to use 'u2' and 'g2' instead so the server
replaces offending bare CR or bare LF with a space.
It is recommended to only turn these protections off
for trusted networks due to the potential for abuse.
Full DANE support is available if OpenSSL versions 1.1.1 or 3.x
are used, i.e., TLSA RR 2-x-y and 3-x-y are supported
as required by RFC 7672.
OpenSSL version 3.0.x is supported. Note: OpenSSL 3 loads by
default an openssl.cnf file from a location specified
in the library which may cause unwanted behaviour
in sendmail. Hence sendmail sets the environment
variable OPENSSL_CONF to /etc/mail/sendmail.ossl
to override the default. The file name can be
changed by defining confOPENSSL_CNF in the mc file;
using an empty value prevents setting OPENSSL_CONF.
Note: referring to a file which does not exist does
not cause an an error.
Two new values have been added for {verify}:
"DANE_TEMP": DANE verification failed temporarily.
"DANE_NOTLS": DANE was required but STARTTLS was not
offered by the server.
The default rules return a temporary error for these
cases, so delivery is not attempted.
If the TLS setup code in the client fails and DANE requirements
exist then {verify} will be set to "DANE_TEMP" thus
preventing delivery by default.
DANE related logging has been slightly changed for clarification:
"DANE configured in DNS but no STARTTLS available"
changed to
"DANE configured in DNS but STARTTLS not offered"
When the compile time option USE_EAI is enabled, vacation could
fail to respond when it should (the code change in
8.17.2 was incomplete). Problem reported by Alex
Hautequest.
If SMTPUTF8 BODY=7BIT are used as parameters for the MAIL command
the parsing of UTF8 addresses could fail (USE_EAI).
If a reply to a previous RCPT was received while sending
another RCPT in pipelining mode then parts of the
reply could have been assigned to the wrong RCPT.
New DontBlameSendmail option CertOwner to relax requirement
for certificate public and private key ownership.
Based on suggestion from Marius Strobl of the
FreeBSD project.
clt_features was not checked for connections via Unix domain
sockets.
CONFIG: FEATURE(`enhdnsbl') did not handle multiple replies
from DNS lookups thus potentially causing random
"false negatives".
Note: the fix creates an incompatibility:
the arguments must not have a trailing dot anymore
because the -a. option has been removed (as it only
applies to the entire result, not individual values).
CONFIG: New FEATURE(`fips3') for basic FIPS support in OpenSSL 3.
VACATION: Add support for Return-Path header to set sender
to match OpenBSD and NetBSD functionality.
VACATION: Honor RFC3834 and avoid an auto-reply if
'Auto-Submitted: no' is found in the headers to
match OpenBSD and NetBSD functionality.
VACATION: Avoid an auto-reply if a 'List-Id:' is found in
the headers to match OpenBSD functionality.
VACATION: Add support for $SUBJECT in .vacation.msg which
is replaced with the first line of the subject of the
original message to match OpenBSD and NetBSD
functionality.
Portability:
Add support for Darwin 23.
New Files:
cf/feature/fips3.m4
devtools/OS/Darwin.23.x
-----BEGIN PGP SIGNATURE-----

iQIcBAEBAgAGBQJlugFVAAoJEMQGWofHH2hEwLgP/jxAl+rxBoyPrxlFVBZzi8Lr
wD59bQHYhHGLnt3L/tNGm1QmTaps1Ex1TWEAYCC4WT6i7oMD8XLIYWDswHPDjPAq
M9FcneU3hL6XAP7Nqdg9F/snDYe1hQ3UUOAXd4e7Yjmux5l4yRLmDCI+F7lZNJ9s
dFdjiX1GTiAe60c0KshZHtgSK+88VLQzkseLNELLWXAKdyYn2mFI7ErjdLmlTd4x
+AADBizArCKH6IfN6EVXOEm7XYXksexXIqG3IcrwzjSx/oHHTj34Lm/QhQ50Xez1
wi+KydI2hvfOTecbCZDHcUDsTxT9kQsylLDRuw4ivM2yoJCVcM9akhyfWAhA2igQ
2cN8C6CHZvVhOzlEnOCVshtInGe6U3EXzAFTPn+p7sWpWMM447nkSFkWbDdZGR9b
8KRvpGWC9cqLaXfGcQzs0NBik9M86kFVm3wT2GpDYyAJbRX0RpeBr6ql/z1ryx6O
Dn5EBE9XMIGI+cpWtH7fmiUjgilZFYag3MavmtrSvGa2RAefC9yts7JyxpDiPR4k
fb/7UXGmWv0XDKo6QYGdB2zwOPEphUQiPpJcMIbIKCBV2weL4ZEF2pDUZ4y8P5jR
miOlsic6R5GG9dhvHIDpSKFMCZK2XaPkjgj7SDv0cVaragdT5yrdfRkLU+PCrtTe
mhclJirDeydr7CZ6zhZk
=oxc4
-----END PGP SIGNATURE-----

Re: sendmail 8.18.1 is available

<upeu35$ga1$1@gatto.corradoroberto.it>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=947&group=comp.mail.sendmail#947

  copy link   Newsgroups: comp.mail.sendmail
Path: i2pn2.org!i2pn.org!newsfeed.endofthelinebbs.com!news.corradoroberto.it!.POSTED.desktop.corradoroberto.it!not-for-mail
From: i...@secure.corradoroberto.it (Roberto CORRADO)
Newsgroups: comp.mail.sendmail
Subject: Re: sendmail 8.18.1 is available
Date: Thu, 1 Feb 2024 03:02:13 +0100
Organization: NNTPD of domain: corradoroberto.it (localnet)
Lines: 82
Message-ID: <upeu35$ga1$1@gatto.corradoroberto.it>
References: <upd6aq$tl0$1@news.misty.com>
MIME-Version: 1.0
Content-Type: text/plain;
charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Injection-Date: Thu, 1 Feb 2024 02:02:13 -0000 (UTC)
Injection-Info: gatto.corradoroberto.it; posting-account="news@corradoroberto.it"; posting-host="desktop.corradoroberto.it:192.168.1.4";
logging-data="16705"; mail-complaints-to="abuse@corradoroberto.it"
Cancel-Lock: sha1:C6ReNtwTZZ1A21WaoUwbAlRV5kU= sha256:fiN7ewwAjekVRithh2HLQq0TE0ei8GK0ApzDrO1ayu0=
sha1:9pQ5VcyNf3ClU+Ta/EalluY8FuU= sha256:RPTK7rtk9lgS3R3UpnKgn4wC3T3DNG77JRx1tkc3KJY=
X-Priority: 3
X-MSMail-Priority: Normal
X-Newsreader: CatWalker 0126
X-LDAPD: CORRADO-ROBERTO
X-Mailver: 8
X-MTA: Sendmail MHS X.400
X-TYPE: RCS 126
 by: Roberto CORRADO - Thu, 1 Feb 2024 02:02 UTC

"Claus Aßmann" wrote:

> 8.18.1/8.18.1 2024/01/31

> - Do not accept a CR or LF except in the combination
> CRLF (as required by the RFCs). These checks can
> be disabled by the new srv_features options
> 'U' and 'G', respectively. In this case it is
> suggested to use 'u2' and 'g2' instead so the server
> replaces offending bare CR or bare LF with a space.
> It is recommended to only turn these protections off
> for trusted networks due to the potential for abuse.

Hello Claus,

Sorry for this question, this is normal?

"""
Feb 1 00:59:39 gatto sm-mta[3591]: 40VNxcV4003591: collect: relay=battlestar.sorbs.net, from=<privacy_hidden@support.sorbs.net>, info=Bare carriage return (CR) not allowed, where=body, status=tempfail
Feb 1 00:59:39 gatto sm-mta[3591]: 40VNxcV4003591: from=<privacy_hidden@support.sorbs.net>, size=2236, class=-60, nrcpts=1, bodytype=8BITMIME, proto=ESMTP, daemon=MTA, relay=battlestar.sorbs.net [72.12.198.251]
Feb 1 01:17:42 gatto sm-mta[5754]: 4110HgCn005754: collect: relay=battlestar.sorbs.net, from=<privacy_hidden@support.sorbs.net>, info=Bare carriage return (CR) not allowed, where=body, status=tempfail
Feb 1 01:17:42 gatto sm-mta[5754]: 4110HgCn005754: from=<privacy_hidden@support.sorbs.net>, size=2236, class=-60, nrcpts=1, bodytype=8BITMIME, proto=ESMTP, daemon=MTA, relay=battlestar.sorbs.net [72.12.198.251]
Feb 1 01:37:42 gatto sm-mta[8162]: 4110bgC1008162: collect: relay=battlestar.sorbs.net, from=<privacy_hidden@support.sorbs.net>, info=Bare carriage return (CR) not allowed, where=body, status=tempfail
Feb 1 01:37:42 gatto sm-mta[8162]: 4110bgC1008162: from=<privacy_hidden@support.sorbs.net>, size=2236, class=-60, nrcpts=1, bodytype=8BITMIME, proto=ESMTP, daemon=MTA, relay=battlestar.sorbs.net [72.12.198.251]
Feb 1 01:57:43 gatto sm-mta[9979]: 4110vgDX009979: collect: relay=battlestar.sorbs.net, from=<privacy_hidden@support.sorbs.net>, info=Bare carriage return (CR) not allowed, where=body, status=tempfail
Feb 1 01:57:43 gatto sm-mta[9979]: 4110vgDX009979: from=<privacy_hidden@support.sorbs.net>, size=2236, class=-60, nrcpts=1, bodytype=8BITMIME, proto=ESMTP, daemon=MTA, relay=battlestar.sorbs.net [72.12.198.251]
Feb 1 02:17:44 gatto sm-mta[12018]: 4111HgEu012018: collect: relay=battlestar.sorbs.net, from=<privacy_hidden@support.sorbs.net>, info=Bare carriage return (CR) not allowed, where=body, status=tempfail
Feb 1 02:17:44 gatto sm-mta[12018]: 4111HgEu012018: from=<privacy_hidden@support.sorbs.net>, size=2236, class=-60, nrcpts=1, bodytype=8BITMIME, proto=ESMTP, daemon=MTA, relay=battlestar.sorbs.net [72.12.198.251]
"""

"""
$ grep -A8 "srv_features" sendmail.cf
### srv_features: which features to offer to a client?
### (done in server)
######################################################################
Ssrv_features
R$* $: $>D <$&{client_name}> <?> <! "Srv_Features"> <>
R<?>$* $: $>A <$&{client_addr}> <?> <! "Srv_Features"> <>
R<?>$* $: <$(access "Srv_Features": $: ? $)>
R<?>$* $@ OK
R<$* <TMPF>>$* $#temp
R<$+>$* $# $1

######################################################################
"""

Best regards

--
Fb rules (√5*n^2±4)
$x=sqrt(5*pow($n,2)-4) - (int)sqrt(5*pow($n,2)-4);
$y=sqrt(5*pow($n,2)+4) - (int)sqrt(5*pow($n,2)+4);

Re: bare CR (was: 8.18.1)

<upfdbv$iv1$1@news.misty.com>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=948&group=comp.mail.sendmail#948

  copy link   Newsgroups: comp.mail.sendmail
Path: i2pn2.org!i2pn.org!newsfeed.endofthelinebbs.com!weretis.net!feeder6.news.weretis.net!news.misty.com!.POSTED.veps.esmtp.org!not-for-mail
From: INVALID_...@esmtp.org (Claus Aßmann)
Newsgroups: comp.mail.sendmail
Subject: Re: bare CR (was: 8.18.1)
Date: Thu, 1 Feb 2024 01:22:55 -0500 (EST)
Organization: MGT Consulting
Sender: <ml+sendmail(-no-copies-please)@esmtp.org>
Message-ID: <upfdbv$iv1$1@news.misty.com>
References: <upd6aq$tl0$1@news.misty.com> <upeu35$ga1$1@gatto.corradoroberto.it>
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 8bit
Injection-Date: Thu, 1 Feb 2024 06:22:55 -0000 (UTC)
Injection-Info: news.misty.com; posting-host="veps.esmtp.org:155.138.203.148";
logging-data="19425"; mail-complaints-to="abuse@misty.com"
Mail-Copies-To: never
X-Newsreader: trn 4.0-test77 (Sep 1, 2010)
Originator: ca@x2.esmtp.org (Claus Assmann)
 by: Claus Aßmann - Thu, 1 Feb 2024 06:22 UTC

Roberto CORRADO wrote:

> Sorry for this question, this is normal?

What do you mean by "normal"?

> relay=battlestar.sorbs.net, from=<privacy_hidden@support.sorbs.net>,
> info=Bare carriage return (CR) not allowed, where=body, status=tempfail

Either ask the sender to check the content of their mail or use one
of the methods mentioned in the release notes and op.* to allow the
mail (u2 / U)

--
Note: please read the netiquette before posting. I will almost never
reply to top-postings which include a full copy of the previous
article(s) at the end because it's annoying, shows that the poster
is too lazy to trim his article, and it's wasting the time of all readers.

Re: sendmail 8.18.1 is available

<86e6318fcc891a40b6f16819bf872c4a@www.novabbs.com>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=949&group=comp.mail.sendmail#949

  copy link   Newsgroups: comp.mail.sendmail
Date: Thu, 1 Feb 2024 15:48:20 +0000
Subject: Re: sendmail 8.18.1 is available
From: hqu...@hquest.pro.br (HQuest)
Newsgroups: comp.mail.sendmail
X-Rslight-Site: $2y$10$MAp8oey7UWXakwWqfD7jpu4OqtGv/aEKNnq89XD7rXYLRsF32fXwu
X-Rslight-Posting-User: 3d3517e5dd24387fdf8da64199401ea731577ab2
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
User-Agent: Rocksolid Light
References: <upd6aq$tl0$1@news.misty.com>
Organization: novaBBS
Message-ID: <86e6318fcc891a40b6f16819bf872c4a@www.novabbs.com>
 by: HQuest - Thu, 1 Feb 2024 15:48 UTC

Does the recently posted OpenSSL v3.2.1 fixes the regression bug for DANE verifications? Or should we still use v3.0 if using this feature?

Re: sendmail 8.18.1 is available

<upgh32$2518u$1@dont-email.me>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=950&group=comp.mail.sendmail#950

  copy link   Newsgroups: comp.mail.sendmail
Path: i2pn2.org!i2pn.org!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: kal...@kolttonen.fi (Kalevi Kolttonen)
Newsgroups: comp.mail.sendmail
Subject: Re: sendmail 8.18.1 is available
Date: Thu, 1 Feb 2024 16:32:34 -0000 (UTC)
Organization: A noiseless patient Spider
Lines: 17
Sender: <untosten@0.0.0.0>
Message-ID: <upgh32$2518u$1@dont-email.me>
References: <upd6aq$tl0$1@news.misty.com> <86e6318fcc891a40b6f16819bf872c4a@www.novabbs.com>
Injection-Date: Thu, 1 Feb 2024 16:32:34 -0000 (UTC)
Injection-Info: dont-email.me; posting-host="8c5c4e11e7156ca9853c7df20ea331dd";
logging-data="2262302"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1+dOyrB2e6a9fyIHPGG7bHCwGqrlt2DmwI="
User-Agent: tin/2.6.2-20221225 ("Pittyvaich") (Linux/6.6.13-200.fc39.x86_64 (x86_64))
Cancel-Lock: sha1:b4K1D2W18tJkiuFO08hQxLlkIs8=
 by: Kalevi Kolttonen - Thu, 1 Feb 2024 16:32 UTC

HQuest <hquest@hquest.pro.br> wrote:
> Does the recently posted OpenSSL v3.2.1 fixes the
> regression bug for DANE verifications?

The relevant OpenSSL ChangeLog can be found here:

https://www.openssl.org/news/cl32.txt

### Changes between 3.2.0 and 3.2.1 [30 Jan 2024]
[ clip ]

Nothing concerning DANE is mentioned there so I
guess it must be assumed that the bug has not
been fixed yet.

br,
KK

Re: sendmail 8.18.1 is available

<e7240fd6b38290035ea85710a2379355@www.novabbs.com>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=951&group=comp.mail.sendmail#951

  copy link   Newsgroups: comp.mail.sendmail
Date: Thu, 1 Feb 2024 17:50:32 +0000
Subject: Re: sendmail 8.18.1 is available
From: hqu...@hquest.pro.br (HQuest)
Newsgroups: comp.mail.sendmail
X-Rslight-Site: $2y$10$2YsB.8rYkJr8r/QU92VDoeYqmvka.PWc7UbwgTRvMwm09jwHERKNe
X-Rslight-Posting-User: 3d3517e5dd24387fdf8da64199401ea731577ab2
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
User-Agent: Rocksolid Light
References: <upd6aq$tl0$1@news.misty.com> <86e6318fcc891a40b6f16819bf872c4a@www.novabbs.com> <upgh32$2518u$1@dont-email.me>
Organization: novaBBS
Message-ID: <e7240fd6b38290035ea85710a2379355@www.novabbs.com>
 by: HQuest - Thu, 1 Feb 2024 17:50 UTC

Not everything makes into the release notes/changelog, otherwise list will be immense. But as per this issue tracker comment (https://github.com/openssl/openssl/pull/22821#issuecomment-1831545813), the fix was added into multiple master trees of OpenSSL's git repo by late November 2023. Since it names v3.2, one would believe this made it into this week's release. I just don't know if was tested against sendmail-8.18 yet and proven positive.

Re: bare CR

<upglkp$jdq$1@gatto.corradoroberto.it>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=952&group=comp.mail.sendmail#952

  copy link   Newsgroups: comp.mail.sendmail
Path: i2pn2.org!i2pn.org!newsfeed.endofthelinebbs.com!news.corradoroberto.it!.POSTED.desktop.corradoroberto.it!not-for-mail
From: i...@secure.corradoroberto.it (Roberto CORRADO)
Newsgroups: comp.mail.sendmail
Subject: Re: bare CR
Date: Thu, 1 Feb 2024 18:50:18 +0100
Organization: NNTPD of domain: corradoroberto.it (localnet)
Lines: 17
Message-ID: <upglkp$jdq$1@gatto.corradoroberto.it>
References: <upd6aq$tl0$1@news.misty.com> <upeu35$ga1$1@gatto.corradoroberto.it> <upfdbv$iv1$1@news.misty.com>
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Injection-Date: Thu, 1 Feb 2024 17:50:17 -0000 (UTC)
Injection-Info: gatto.corradoroberto.it; posting-account="news@corradoroberto.it"; posting-host="desktop.corradoroberto.it:192.168.1.4";
logging-data="19898"; mail-complaints-to="abuse@corradoroberto.it"
Cancel-Lock: sha1:hvRnVk8eSg1/1iunS5dgqXEs4xg= sha256:1GV5slPURTBBO6iffM4ApC9QuM2SEdwbWbzl/IYob/I=
sha1:F2WoRUj/E1iqing1ukkO4asZnK8= sha256:m1EpGgAvd0TmOOTq1fD1PaHwpD81ElBg1JXlFnlkW7w=
X-Priority: 3
X-MSMail-Priority: Normal
X-Newsreader: CatWalker 0126
X-LDAPD: CORRADO-ROBERTO
X-Mailver: 8
X-MTA: Sendmail MHS X.400
X-TYPE: RCS 126
 by: Roberto CORRADO - Thu, 1 Feb 2024 17:50 UTC

"Claus Aßmann" wrote:

> What do you mean by "normal"?

I ready with attention what you had written to me:
you was right. I contacted the sender and we have solved
the problem.

> Either ask the sender to check the content of their mail or use one
> of the methods mentioned in the release notes and op.* to allow the
> mail (u2 / U)

Thanks for your suggestion and sorry for write past message
Best regards

--
Roberto

Re: sendmail 8.18.1 is available

<upgo94$26aph$1@dont-email.me>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=953&group=comp.mail.sendmail#953

  copy link   Newsgroups: comp.mail.sendmail
Path: i2pn2.org!i2pn.org!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: kal...@kolttonen.fi (Kalevi Kolttonen)
Newsgroups: comp.mail.sendmail
Subject: Re: sendmail 8.18.1 is available
Date: Thu, 1 Feb 2024 18:35:16 -0000 (UTC)
Organization: A noiseless patient Spider
Lines: 49
Sender: <untosten@0.0.0.0>
Message-ID: <upgo94$26aph$1@dont-email.me>
References: <upd6aq$tl0$1@news.misty.com> <86e6318fcc891a40b6f16819bf872c4a@www.novabbs.com> <upgh32$2518u$1@dont-email.me> <e7240fd6b38290035ea85710a2379355@www.novabbs.com>
Injection-Date: Thu, 1 Feb 2024 18:35:16 -0000 (UTC)
Injection-Info: dont-email.me; posting-host="8c5c4e11e7156ca9853c7df20ea331dd";
logging-data="2304817"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1+UWDRIY1Uro/nqsDklBFPMus5emjUbWQ4="
User-Agent: tin/2.6.2-20221225 ("Pittyvaich") (Linux/6.6.13-200.fc39.x86_64 (x86_64))
Cancel-Lock: sha1:jEBKZT+GL4oNXFuaZSLVBVRKLYk=
 by: Kalevi Kolttonen - Thu, 1 Feb 2024 18:35 UTC

HQuest <hquest@hquest.pro.br> wrote:
> Not everything makes into the release
> notes/changelog, otherwise list will be immense.

I see. Apologies for the misinformation. I would have
thought that that bugfix was important enough to
be mentioned.

> But as per this issue tracker
> comment (https://github.com/openssl/openssl/pull/22821#issuecomment-1831545813),
> the fix was added into multiple master trees of OpenSSL's
> git repo by late November 2023. Since it names v3.2, one would
> believe this made it into this week's release. I just don't
> know if was tested against sendmail-8.18 yet and proven positive.

I just did:

git clone
git tag
git checkout openssl-3.2.1

and found this:

commit 90e67e726f76ad378a514518b0c3b5256d67abfa
Author: Viktor Dukhovni <openssl-users@dukhovni.org>
Date: Sat Nov 25 13:26:20 2023 -0500

Fix freshly introduced double-free.

We don't need the decoded X.509 Full(0) certificate for the EE usages 1 and 3,
because the leaf certificate is always part of the presented chain, so the
certificate is only validated as well-formed, and then discarded, but the
TLSA record is of course still used after the validation step.

Added DANE test cases for: 3 0 0, 3 1 0, 1 0 0, and 1 1 0

Reported by Claus Assmann.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22821)

(cherry picked from commit f636e7e6bd8e06c6d84e42729b4131b4f5df488f)

If it is just a simple matter of removing an unwanted
free() (or similar), I am pretty sure you can go ahead
and enable DANE with OpenSSL 3.2.1.

Re: sendmail 8.18.1 is available

<upgojj$26bqc$1@dont-email.me>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=954&group=comp.mail.sendmail#954

  copy link   Newsgroups: comp.mail.sendmail
Path: i2pn2.org!i2pn.org!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: kal...@kolttonen.fi (Kalevi Kolttonen)
Newsgroups: comp.mail.sendmail
Subject: Re: sendmail 8.18.1 is available
Date: Thu, 1 Feb 2024 18:40:52 -0000 (UTC)
Organization: A noiseless patient Spider
Lines: 11
Sender: <untosten@0.0.0.0>
Message-ID: <upgojj$26bqc$1@dont-email.me>
References: <upd6aq$tl0$1@news.misty.com> <86e6318fcc891a40b6f16819bf872c4a@www.novabbs.com> <upgh32$2518u$1@dont-email.me> <e7240fd6b38290035ea85710a2379355@www.novabbs.com> <upgo94$26aph$1@dont-email.me>
Injection-Date: Thu, 1 Feb 2024 18:40:52 -0000 (UTC)
Injection-Info: dont-email.me; posting-host="8c5c4e11e7156ca9853c7df20ea331dd";
logging-data="2305868"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX18VKuENsBGDzcV/BD9HDAXTJ7NNtJslvY0="
User-Agent: tin/2.6.2-20221225 ("Pittyvaich") (Linux/6.6.13-200.fc39.x86_64 (x86_64))
Cancel-Lock: sha1:LP5bhEl8XsEA/SgpKxhB6pu1KGQ=
 by: Kalevi Kolttonen - Thu, 1 Feb 2024 18:40 UTC

Kalevi Kolttonen <kalevi@kolttonen.fi> wrote:
> If it is just a simple matter of removing an unwanted
> free() (or similar), I am pretty sure you can go ahead
> and enable DANE with OpenSSL 3.2.1.

Yes, indeed, they have just removed this function call:

tlsa_free(t);

br,
KK

1
server_pubkey.txt

rocksolid light 0.9.8
clearnet tor