Sendmail and security
Les Mikesell
lesmikesell at gmail.com
Mon Jan 23 04:51:23 UTC 2006
On Sun, 2006-01-22 at 21:45, Donald Arseneau wrote:
> > A user of another distro has remarked that I should uninstall sendmail.
> > <quote> Sendmail simply has too many security issues to leave it on any
> > machine. </quote>
> >
> > Surely a box kept up to date would not have those security issues. Am I
> > missing something?
>
> I can agree with the sentiment, but it is not a case of unpatched security
> holes. Sendmail is just too difficult to configure for it to be used on
> an average user's computer. It isn't a security hole just being there,
> the way it is configured by default (nowadays), but if the user wants
> to enable more, it is easy to accidentally make a spam remailer.
The complexity is more than offset by the available expertise,
though. Everything a normal user might want to do is a
just a few lines of change in the .mc file that someone
on the mail list will suggest. The next step beyond
that is to add a milter handler like MimeDefang to
get control that is fairly difficult to duplicate with
any of the other mailers. And if you want to do something
no one else has considered you can still do it at the
sendmail.cf level.
--
Les Mikesell
lesmikesell at gmail.com
More information about the fedora-list
mailing list