Linux - SoftwareThis forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
I have recently been trying to reduce the amount of spam my company recieves. I am running Redhat 7.3 , with Sendmail 8.11.6-25. I also just installed Spam Assasin. I follwed the man pages, and the INSTALL docs but it acts like nothing is happening. Do I have to use Procmail for my pop delivery agent? I am using CUCIPOP for my mail delivery agent. This is a company server with about 50 e-mail address'.
I think you need not call it from procmail (refer to the install instructions of Spam Assassin).
However, if you start it from procmail, you might benefit from the possibility that procmail can create a backup copy of the original message before fed to SpamAssassin, and it can either rescue and deliver the message if Spam Assassin crashes.
I myself use procmail, and call Spam Assassin by this procmail recipe:
As for sendmail: I think version 8.11.6 has a critical security vulnerability, which makes it possible for an attacker to gain root privileges on the server by means of a simple malformatted letter.
I think sendmail 8.11.7 is the last security patch release addressing this issue in the no longer supported 8.11.x branch.
Since sendmail advertises its version number in many different ways, you should upgrade or patch your sendmail as soon as possible.
I am using Redhat RPMS, so I am pretty sure that they patched sendmail.
I think if RedHat patched sendmail, then your sendmail version number should be 8.11.7, since there were no patches issued to sendmail 8.11.6 addressing this vulnerability.
A new, complete release 8.11.7 was issued, instead.
You should make absolutely sure that the patch is there, since the risk is very high!