Sendmail and security
Gregory P. Ennis
PoMec at PoMec.Net
Mon Jan 23 05:23:00 UTC 2006
On Sun, 2006-01-22 at 19:45 -0800, Donald Arseneau wrote:
> Anne Wilson <cannewilson at tiscali.co.uk> writes:
>
> > A user of another distro has remarked that I should uninstall sendmail.
> > <quote> Sendmail simply has too many security issues to leave it on any
> > machine. </quote>
> >
> > Surely a box kept up to date would not have those security issues. Am I
> > missing something?
>
> I can agree with the sentiment, but it is not a case of unpatched security
> holes. Sendmail is just too difficult to configure for it to be used on
> an average user's computer. It isn't a security hole just being there,
> the way it is configured by default (nowadays), but if the user wants
> to enable more, it is easy to accidentally make a spam remailer.
>
>
> --
> Donald Arseneau asnd at triumf.ca
>From my view sendmail is an excellent MTA. It certainly takes a while
to understand and master the logic. It took me two years, and then
there are many many features that I have not even tried to use. I have
always been able to accomplish what I want very easily. In particular
the way sendmail is packaged with FC4 it is very easy to get a good
start, but if you are going to do some changes make sure you get the
O'Reilly 'bat' book, and I would also recommend the O'Reilly sendmail
cookbook.
Good Luck!!
Greg
More information about the fedora-list
mailing list