Re: Checking sendmail.cf file at boot time

Spam is one of the biggest problems on the internet. That's why I'm so
interested in MTAs.

I want to play with postfix to see if it is better than sendmail, or at
least easier to use...


On Sat, 2003-07-26 at 13:52, Joe wrote:
> Robert L Cochran wrote:
> >In an earlier posting I made on the Shrike list, I mentioned it is a
> >good idea to turn off mail relaying in sendmail. Someone responded that
> >the default sendmail implementation from Red Hat only listens for
> >connections on the local host, anyhow, so in effect why bother? 
> >
> >The best answer to that is that a substitute sendmail.cf file could be
> >inserted to the system maliciously at some point. You should not just
> >assume that sendmail is running with the actual Red Hat defaults, in
> >other words. 
> >
> This is theoretically true - but if an attacker has somehow gotten a 
> root shell on your box, you have much, much bigger problems than mail 
> relaying! Finding out how that happened, and taking measures to stop it 
> from happening again are the key.
> <snip security checks>
> The procedures you list would be considered paranoid by some, but others 
> would say that paranoia is the key to security. But if you're going to 
> be paranoid, be consistent though - why focus solely on sendmail? There 
> are thousands of things you will need to check daily or hourly, and 
> sendmail is one of the smaller issues. Hacked kernels, kernel modules, 
> hacked utilities that mask an intruder's presence (rootkits), hacked 
> libs, hacked network layer, identity theft, malicious users, denial of 
> service attacks, warez sites on your server, physical security, etc, etc.
> But on balance, a reasonably up to date Red Hat box with sensible 
> security measures is going to be one very tough nut to crack, for any 
> hacker without physical access. Anything is possible, but the 
> probability of a sensibly managed Red Hat box getting hacked is quite low.
> Joe
Bob Cochran
Greenbelt, Maryland, USA
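
An added example, not part of the original thread: a pre-start check of the kind the subject line describes, which compares sendmail.cf against a recorded SHA-256 baseline and confirms that every active DaemonPortOptions line binds to 127.0.0.1. The function names, the baseline handling and the sample file contents are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: pre-start integrity check for sendmail.cf.
# Assumption: the baseline SHA-256 was recorded from a known-good file and is
# stored where an intruder on the host cannot rewrite it (read-only media).

# Succeeds only if the file's digest equals the recorded baseline.
cf_matches_baseline() {
    [ -r "$1" ] || return 1
    actual=$(sha256sum "$1" | awk '{print $1}')
    [ "$actual" = "$2" ]
}

# Succeeds only if at least one active DaemonPortOptions line exists and every
# one binds to 127.0.0.1. With no such line the daemon is not pinned to
# loopback, so that case is treated as a failure too.
cf_loopback_only() {
    lines=$(grep -E '^O[[:space:]]+DaemonPortOptions=' "$1") || return 1
    if printf '%s\n' "$lines" | grep -Eqv 'Addr=127\.0\.0\.1([,[:space:]]|$)'; then
        return 1
    fi
    return 0
}

# Prints a one-word verdict; a non-zero exit means "do not start the MTA".
check_sendmail_cf() {
    cf_matches_baseline "$1" "$2" || { echo "MODIFIED"; return 1; }
    cf_loopback_only "$1" || { echo "EXPOSED"; return 2; }
    echo "OK"
}

# Constructed sample input (not a real Red Hat file).
demo=$(mktemp)
printf '%s\n' '# constructed sample' \
    'O DaemonPortOptions=Port=smtp,Addr=127.0.0.1, Name=MTA' > "$demo"
base=$(sha256sum "$demo" | awk '{print $1}')
check_sendmail_cf "$demo" "$base"                 # unchanged file
printf '%s\n' 'O DaemonPortOptions=Port=smtp, Name=MTA' >> "$demo"
check_sendmail_cf "$demo" "$base" || true         # substituted file
rm -f "$demo"
```

The listener check runs independently of the hash comparison, so a baseline that was itself recorded from a non-loopback configuration is still reported.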

