Ubuntu has issued an update for postfix. This fixes a security issue, which can be exploited by malicious people to use a vulnerable system as an open relay.
The problem is caused due to an error in the IPv6 handling when "/proc/net/if_inet6" is not available (e.g. when running in a chroot jail). This makes it possible to relay mails through the system to any MX host with an IPv6 address.
Successful exploitation requires that "permit_mx_backup" is enabled in "smtpd_recipient_restrictions".
Do you have additional information related to this advisory?
Please provide information about patches, mitigating factors, new versions, exploits, faulty patches, links, and other relevant data by posting comments to this Advisory. You can also send this
information to firstname.lastname@example.org