My beef with sendmail is that it leaves a security hole.
Does that mean you:
- suffered a breach of security in the past 2 years due to Sendmail on boxen you own or administer, or
- believed campfire hearsay when Ye Aulde Dragons told you Ancient Tales of 'Net Folklore five years ago, or
- are in a host/network situation where binding to localhost ports, user and network access restrictions, SELinux etc, etc won't be able to harden it enough for you?
It looks like the version of arpwatch that we are running requires sendmail.
Code:
]# rpm -q arpwatch
arpwatch-2.1a13-9.FC3 # * Mind you, not that I run FC3...
]# rpm -qR arpwatch
/bin/sh
/sbin/chkconfig
/sbin/service
config(arpwatch)
libc.so.6
libresolv.so.2
No deps here I can see.