Security Basics mailing list archives
Re: Sendmail 8.11 configuration/security issue
From: Wahyu Kelik <mahapatih () bunga compeng org>
Date: Sat, 4 Jan 2003 12:17:36 +0900
On Fri, Jan 03, 2003 at 04:53:08PM -0600, Ned Fleming wrote:
[snip] Are you using the FEATURE(relay_local_from) in Sendmail? This feature allows relaying if the message claims to originate at your domain. Since forging this address is trivial, this is probably a bad idea. But I'm no Sendmail expert. My best advice would be to switch to Postfix, which is orders of magnitude easier to configure.
Beside change to postfix, you can point to sendmail authentication configuration (using STARTTLS and SMTP AUTH). I use SMTP AUTH for internal user, and /etc/mail/access.db for external mail server (just limited to server that allows to relay). I add this one to my sendmail.mc define(`confAUTH_OPTIONS', `A')dnl define(`confAUTH_MECHANISMS', `CRAM-MD5 DIGEST-MD5 LOGIN')dnl TRUST_AUTH_MECH(`CRAM-MD5 DIGEST-MD5 LOGIN')dnl Regards, -kelik-
Current thread:
- Sendmail 8.11 configuration/security issue oobs3c02 (Jan 03)
- Re: Sendmail 8.11 configuration/security issue simsjs (Jan 03)
- Re: Sendmail 8.11 configuration/security issue john65 (Jan 03)
- Re: Sendmail 8.11 configuration/security issue Don Voss (Jan 05)
- Re: Sendmail 8.11 configuration/security issue Timothy M. Lyons (Jan 06)
- <Possible follow-ups>
- RE: Sendmail 8.11 configuration/security issue Keith T. Morgan (Jan 03)
- Re: Sendmail 8.11 configuration/security issue Ned Fleming (Jan 03)
- Re: Sendmail 8.11 configuration/security issue Wahyu Kelik (Jan 05)
- RE: Sendmail 8.11 configuration/security issue john65 (Jan 05)
- Re: Sendmail 8.11 configuration/security issue Ned Fleming (Jan 03)