Hi, I am trying to understand how the below mentioned sendmail vulnerability. http://www.sendmail.com/security/advisories/SA-200605-01.txt.asc The description says that the DoS occurs when sendmail goes in a deeply nested malformed MIME message and uses the MIME 8-bit to 7-bit conversion function. Under what conditions would sendmail use the MIME 8-bit to 7-bit function? Only when the remote MTA doesn't understand 8-bit MIME, right? That would mean that a malicious user would have to force the victim MTA to relay the malformed mail to a MIME 7-bit-only MTA for the attack to succeed. This probably means that open relays and ISP SMTP servers are more vulnerable than purely incoming SMTP servers. I am just trying to make sense of the advisory and the possible threat of exploit. Thanks, - Siddhartha
