Penetration Testing mailing list archives
Re: [PEN-TEST] Sendmail: Keeping a copy of relayed email
From: Fyodor <fygrave () TIGERTEAM NET>
Date: Wed, 30 Aug 2000 00:26:28 +0700
~: ~:An associate has suggested that I would need to hand-hack the sendmail.cf ~:file to add another (local) recipient into the mail delivery before it is ~:sent off to mailertable for delivery. My sendmail skills aren't quite up if you want to stick with standard sendmail features, you will need to use mailertable or virtusertable feature. Something like this might work: @their.domain.com yourlocaluser, %1 () mailserver their domain com I am not certain if you can place several domains on right side, try experimenting with different delimeters, maybe just plain space, I am lazy to play with it on the moment. However if either way fails, do it in simple-stupid-but-works way :-) Add something like: yourlocalalias: localuser, blahuser () odd local com to aliases file, and: @their.domain.com yourlocalalias @odd.local.com %@mail.their.domain.com to virtusertable or something. :) Also you may want to pass the message through a script to remove headers which would point out that the mail has gone through your box (althrough they would still see `received from: yourbox' header there, but there might be ways around it as well. (f.e. ehlo AA..A with old sendmails and other MTAs)). in this case something like: @their.domain.com yourlocalalias in virtusertable, and: yourlocalalias: "|/your/script" in aliases would be enough. However if you want to do it in a geeky way :), replace ^Mrelay mailer with something pointing to your own `delivery' program which would save a copy of message it gets on stdin and then passes it to your budies. Make sure you make it being able to recognize what domain to relay to, if you are hijacking multiple domains, cuz relay mailer is used for all relaying operations in sendmail. blah blah.. hope it helps :) ~:to this level, and I wondered if anybody has ideas on how I can turn this ~:into a reality? Anybody done something like this before? Anybody seen a ~:how-to on this? Anybody provide some pointers to a quick head's-up on ~:sendmail.cf delivery rule hacking? ~: Bat-book? :) was a neat source of information for me :) -F
Current thread:
- [PEN-TEST] Hardware Penetration -- A Discovery Involving Gate Access Security Systems Ben Lull (Aug 28)
- [PEN-TEST] Sendmail: Keeping a copy of relayed email David Taylor (Aug 29)
- Re: [PEN-TEST] Sendmail: Keeping a copy of relayed email DmuZ (Aug 29)
- Re: [PEN-TEST] Sendmail: Keeping a copy of relayed email Edward Mitchell (Aug 29)
- Re: [PEN-TEST] Sendmail: Keeping a copy of relayed email Marco (Aug 29)
- Re: [PEN-TEST] Sendmail: Keeping a copy of relayed email Fyodor (Aug 29)
- Re: [PEN-TEST] Sendmail: Keeping a copy of relayed email José M. Fandiño (Aug 30)
- Re: [PEN-TEST] Sendmail: Keeping a copy of relayed email Glynn Clements (Aug 31)
- [PEN-TEST] Sendmail: Keeping a copy of relayed email David Taylor (Aug 29)