LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 07-16-2001, 02:09 PM   #1
jharris
Senior Member
 
Registered: May 2001
Location: Bristol, UK
Distribution: Slackware, Fedora, RHES
Posts: 2,243

Rep: Reputation: 46
Sendmail


Evening all (well if you're in the UK anyway),

I'm about to loose my Uni mail account so am moving elses where, and as I'm gonna have to change email addresses anyway I thought I might as well open up port 25 and let the world use my machine as an open relay to spam every one ^H^H^H^H^

So has anyone got any (many!??) security tips or points of interest that I should pay special attention to in my Sendmail setup? I'm just about to upgrade to the latest version (8.11.4). I can't say I've ever really paid much attention to sendmail so I'm on a steep learning curve (the best kind!! )

I'm already planning to move /var/spool off into its own partition so people can't kill my system by mailing me tonnes of attachments (not that I've got a few friends who'd do that for a laugh for anything...).

cheers all

Jamie...

PS - It was a joke about being open-relay, before people start screaming about it!! (I know I would)

Last edited by jharris; 07-16-2001 at 02:36 PM.
 
Old 07-17-2001, 05:15 AM   #2
raz
Member
 
Registered: Apr 2001
Location: London
Posts: 408

Rep: Reputation: 31
Post

Hi Jamie,

I'm sure I don't have to tell you how sendmail has a long history of security related problems, which I'm sure we are going to see more of.

Anyway the latest version "not beta" seems to be more secure then the others. "for now"

Also a lot of the security/bug exploits tend to be for local users to issue root commands, only a small percentage allow remote root access.

So I suggest you subscript as many bugtraq security mailing list as possible and keep an eye out for security issues in sendmail.
Also don't use any version less then 8.10.2 on any Linux box with a kernel older then 2.2.16.
that's it.

Ok so what's that relay ip again, I have a new revolutionary money making idea of selling fake diplomas to everyone on the internet for only $4.99..

/Raz
 
Old 07-17-2001, 05:23 AM   #3
jharris
Senior Member
 
Registered: May 2001
Location: Bristol, UK
Distribution: Slackware, Fedora, RHES
Posts: 2,243

Original Poster
Rep: Reputation: 46
Quote:
Originally posted by raz
Also a lot of the security/bug exploits tend to be for local users to issue root commands, only a small percentage allow remote root access.
Thats good to know, as its only me and a few friends who every get on the box locally I'm not expecting any local use problems.

Thanks for the input, I'll spec up bugtraq

Jamie...
 
Old 07-17-2001, 10:57 AM   #4
mcleodnine
Senior Member
 
Registered: May 2001
Location: Left Coast - Canada
Distribution: s l a c k w a r e
Posts: 2,731

Rep: Reputation: 45
At the expense of sounding more foolish than I usually am, I offer the following.

Have a look at postfix. No. Really. I've had the O'Reilly sendmail book for over a year and I can't get past ony one chapter without weeping. I often wonder whether the sendmail book is really just a big hoax. I can see the editorial meeting that led to it's creation...

Tim: Do people actually read the stuff we print?
Board: I dunno, Tim. Why don't we cut and paste text at random, salt it with some &, #, (), and a few R$* < @ $+ > $*. Then just wait to see if anyone calls our bluff.

Yeah I know it's a low-down, dirty dig at an esteemed publisher (O'Reilly) and a veritable institution (sendmail), but my confidence level in my setups was low enough to look to postfix. I don't mean to bash sendmail as I know it's powerful, and yaddah, yaddah - but unless you've been using it since its inception it's no wonder people config it with little or no security.

Just my two $CDN0.02 - your exchange rate may vary.
 
Old 07-17-2001, 11:03 AM   #5
jharris
Senior Member
 
Registered: May 2001
Location: Bristol, UK
Distribution: Slackware, Fedora, RHES
Posts: 2,243

Original Poster
Rep: Reputation: 46
Cheers for the pointer. I'm gonna play with sendmail for a bit then probably investigate some alternatives. I want to get some sendmail experience as its used a lot... I know what you mean about the config though and the O'Reilly book you mention. I've read some of it ages ago but now I've got alittle more insentive I'm gonna give it a proper read.

Thanks

Jamie...
 
Old 08-13-2001, 12:12 PM   #6
t163r
LQ Newbie
 
Registered: Apr 2001
Posts: 15

Rep: Reputation: 0
postfix help

Hi

I'm running my own linux server too and wandering how you manage to get postfix to work?
(don't use sendmail if you don't configure every bit's and bytes' is my tip and I didn't manage that well)

I've followd all the steps in every readme and install and online how-to's that I can find but all that happends is either that postfix doesn't start or just mangae to send mail.

my system is slack8.0 and I've got the newest postfix.tar.gz

Anyone with an install script that works on slack?

Tanks in advance
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Sendmail ignores my sendmail smarthost entry Paul_assheton Linux - General 1 03-17-2009 08:55 AM
FC4 and Sendmail - Cannot create sendmail.pem Balderayne Linux - Security 2 11-09-2005 03:55 PM
php+ sendmail no good - python + sendmail ok nephish Linux - Networking 1 10-07-2005 02:19 PM
Sendmail - RunAsUser=sendmail:mail/What files to i have to change ForumKid Linux - Security 45 01-18-2002 12:47 PM
sendmail (dont just ignore it 'cause its got sendmail in the subject :P) GnomeKing Linux - Networking 1 11-12-2001 10:57 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 02:22 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration