Extra Data at End of qf File
One form of attack against
sendmail is to append
additional control lines to the end of an existing
qf
file. V8.7
sendmail specifically checks
for additional text and rejects the qf
file if any is
found:
SECURITY ALERT: extra data in qf: first bogus line printed here
Losing qffile
: bogus queue line
V8.7 sendmail terminates its
legitimate list of qf
control lines by placing a dot on a
line by itself. Any text following that line,
including comments and blank lines, is considered an
error. This can represent a serious attack against
your machine or site. If you get this message,
investigate at once.
Get sendmail, 4th Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.