Ubuntu
sendmail package

IPv6 reverse lookup broken (possibly by glibc-2.30.patch)

Bug #1879738 reported by Matthias Ferdinand
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
sendmail (Ubuntu)
Fix Released
Undecided
Unassigned

Bug Description

On Ubuntu 20.04 with glibc-2.31, sendmail fails to verify IPv6 client addresses (reverse-then-forward-lookup) and refuses to accept incoming mail:

May 20 16:42:50 mx sm-mta[161617]: ruleset=check_relay, arg1=[IPv6:2a04:6c0:0:0:0:0:bad:0], arg2=IPv6:2a04:6c0:0:0:0:0:bad:0, relay=hektik.14v.de [IPv6:2a04:6c0:0:0:0:0:bad:0] (may be forged), reject=451 4.1.8 Possibly forged hostname for IPv6:2a04:6c0:0:0:0:0:bad:0

No such problem on Ubuntu 18.04 (glibc-2.27).

It seems the patch "glibc-2.30.patch" fixes the FTBS problem, but does not provide an alternate method for IPv6 reverse lookups.

I checked with tcpdump and the forward lookups are always for "A" records instead of "AAAA".

There is already some #ifdef in conf.c, function sm_getipnodebyname() for gethostbyname2().

If I add
  #define HAS_GETHOSTBYNAME2 1
before that, reverse lookups for IPv6 do work again as expected.

Tags: patch
Revision history for this message
Matthias Ferdinand (mf+ubuntu1) wrote :

Hi,

please find attached patch for debian/configure.ac.

It removes the test for getaddrinfo() (not used in sendmail), and adds a test for gethostbyname2(), adding -DHAS_GETHOSTBYNNAME2=1 to sm_envdef when found.

Regards
Matthias Ferdinand

Revision history for this message
Ubuntu Foundations Team Bug Bot (crichton) wrote :

The attachment "configure.ac snippet to test for gethostbyname2() and to define HAS_GETHOSTBYNAME2" seems to be a patch. If it isn't, please remove the "patch" flag from the attachment, remove the "patch" tag, and if you are a member of the ~ubuntu-reviewers, unsubscribe the team.

[This is an automated message performed by a Launchpad user owned by ~brian-murray, for any issues please contact him.]

tags: added: patch
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package sendmail - 8.15.2-19

---------------
sendmail (8.15.2-19) unstable; urgency=medium

  * QA upload.
  * Fix IPv6 reverse lookups with glibc 2.30, thanks to Matthias Ferdinand.
    (Closes: #961538) (LP: #1879738)
  * Do not ship files generated by autoreconf.
  * Run autoreconf on debian/ at build time.
  * Switch to debhelper-compat (= 13).
  * Move /usr/lib/sm.bin/ to /usr/libexec/sendmail/.
  * Update Lintian overrides.

 -- Andreas Beckmann <email address hidden> Tue, 26 May 2020 01:48:43 +0200

Changed in sendmail (Ubuntu):
status: New → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.