Securing Sendmail in Slack 12.2?
Hi all, I was reading an online article recently and according to the author, "Sendmail is full of holes". He was not as forthright with providing guides or solutions to "plugging" these holds but instead recommended that another mail program - Postfix - be used instead. I am no expert in such matters but as far as I am aware, Sendmail features in most Unix environments and comes bundled with Slack practically fully configured. Thus one can argue that if it properly secured then it should be a be solid mail solution.
Therefore, I would like to find out whether the default Slack 12.2 Sendmail offering is secure enough to be used as a mail server and if it isn't what steps can be taken to accomplish this. I read shilo's guide http://shilo.is-a-geek.com/sendmail18.html for setting up his mail server. There he provided a quick "hack" which according to him "increases your mail server security a bit". Obviously a "bit" is better nothing :), but I rather suspect that there is a "tad" more that can be done :). I will be quite grateful for any advice. Cheers |
control access to sendmail with hosts.allow and hosts.deny
I have an /etc/hosts.deny file. The contents of the file is merely:
Code:
ALL:ALL Code:
sendmail:localhost |
Well I doubt the "Full of holes" comment has much merit without any real proof. Suffice to say that any service that is not configured correctly can be seen as a liability though.
Sendmail is a widely used and solid mail server and while it is a bit complex if it were full of holes I'm sure it would be front page news by now. I prefer Postfix myself but mainly due to it's simple and flexible configuration. You'll find a postfix slackbuild at Slackbuilds.org |
Thanks for the responses guys.
|
Quote:
But in the more recent past, Postfix is actually criticized for its architecture, which is secure, but doesn't support extension ("Plug-ins") as well, and several vulnerabilities were found. More than in Sendmail in the same period of time. Quote:
In the end, both MTAs are doing their job really well. I use what's included with the distro, therefore, as long as it is one of these two. gargamel |
All times are GMT -5. The time now is 02:29 AM. |