[BlueOnyx:08514] Re: 5106R Majordomo vulnerability?

Chris Gebhardt - VIRTBIZ Internet cobaltfacts at virtbiz.com
Mon Sep 19 12:04:42 PET 2011


Hey Michael,
Michael Stauber wrote:
> Some people suggest to turn off NDA's in the MTA, which I think is a bad idea 
> and violates RFC822 anyway.

I agree that disabling NDA's altogether is not how I would like to see 
BlueOnyx packaged.   Making it a toggle in the GUI could be an option 
for those who think it's a good idea in their specific cases, but that 
is probably more trouble than it's worth.

> Suggested fixes (several different approaches):
> 
> a) Uninstall Majordomo
> b) Or convert from Majordomo to Mailman
> c) Or remove Majordomo aliases from /etc/mail/virtusertable if that site 
> doesn't use Majordomo

This customer is likely going to uninstall Majordomo.

We'll eventually do the same on our production hosting boxes, but you 
know what it's like migrating users to something new.  (And before 
anyone laughs, I *KNOW* some of you are keeping old BQ boxes around just 
so you keep FrontPage alive!)  :)

-- 
Chris Gebhardt
VIRTBIZ Internet Services
Access, Web Hosting, Colocation, Dedicated
www.virtbiz.com | toll-free (866) 4 VIRTBIZ



More information about the Blueonyx mailing list