Help Getting Root's email to recipient

Alexander Dalloz ad+lists at uni-x.org
Sun Apr 17 22:42:14 UTC 2005


Am Mo, den 18.04.2005 schrieb Claude Jones um 0:11:

> > Yes, leave Sendmail running. The default configuration limit its binding
> > to localhost only. So what kind of security do you think to gain when
> > shutting it down?

> For every strong opinion on how to run various things in Linux, you can find 
> 10 contradictions. I spent the better part of today reading various documents 
> on Linux. When you're new to all this, it's hard to sort the good from the 
> bad and ugly. I'd read what seemed like a pretty good document on hardening 
> Linux and one of the things recommended was turning off sendmail. 

You are right, there are many different opinions about one single thing.
As Matthew said, you need a local MTA running to get mails i.e. the
daily logwatch report. As not everybody does need an MTA services to be
reached from outside the MTAs Fedora ship with are configured to only
accept connections from the machine itself on which they run. For
Sendmail this is done by

DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')dnl

in the sendmail.mc. Ok, if someone hacked your host and you didn't keep
Sendmail up to date with security updates it may be possible that the
attacker can get root permissions through a local vulnerability of
Sendmail.

> For someone new like me, you're just another authority - it's hard for 
> learners like myself to know which ones to listen to. I appreciate your 
> taking time to help, today. I've started sendmail and removed the relevant 
> lines from my cronjob script, and now all the messages have stopped - - it's 
> a bit of an irony that this thread started as an appeal to get root's email 
> to a usr/recipient, since I've now managed to shut if off. 

You say you don't get any mail any longer or just those from your
cronjob which runs every 5 minutes? Check your maillog if you miss
mails.

> Claude Jones

Alexander


-- 
Alexander Dalloz | Enger, Germany | GPG http://pgp.mit.edu 0xB366A773
legal statement: http://www.uni-x.org/legal.html
Fedora Core 2 GNU/Linux on Athlon with kernel 2.6.11-1.14_FC2smp 
Serendipity 00:33:55 up 5 days, 21:14, load average: 0.15, 0.21, 0.23 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Dies ist ein digital signierter Nachrichtenteil
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20050418/aa2427e9/attachment-0001.sig>


More information about the fedora-list mailing list