COMMAND

    sendmail

SYSTEMS AFFECTED

    Systems running sendmail

PROBLEM

    The following text is based on  Alan Brown's post.  In mail  going
    back and  forth with  Eric Alman  and the  sendmail team regarding
    the  massive  amount  of  spamming  that's  happening using forged
    HELOs and other bits'n'pieces, the following item came up:

    Sendmail does not  do a forward  DNS crosscheck on  the PTR record
    associated with incoming IPs.

    For example, given control of a netblock's in-addr.arpa table,  it
    is trivial to make mail appear  to come from any named machine  on
    the planet and only a manual lookup on the IP will show the lie.

SOLUTION

    Maybe new sendmail will be better?