Ditto. I'm of the opinion that sendmail (like alot of powerful unix programs.. like apache..) is only as secure or insecure as the way in which you implement it. Personally I learnt mail routing on sendmail originally and anything else I try now seems underpowered. If you are using SuSE, then I recomend you have a look at /etc/mail/linux.mc (there is a page in the manual that tells you about this) Although there is a problem with this file at the moment (it seems to have been broken in a minor way in SuSE 6.4 and not fixed since.) I have not gotten around to filing a bug report. *** So, ROMAN!! Please consider this a BUG REPORT! *** Anyway, what you do is simply edit /etc/mail/linux.mc (or a copy of it) and select the options you want by removing the "dn1" from the front of the lines you want. In some cases you will also need to change the domain etc also. It is very well commented, and you should have not trouble figuring it out. Once you think you have the right options you then execute the command "m4 /etc/mail/linux.mc > /etc/sendmail.cf" and it will regenerate the sendmail config file for you. Now, because of a bug somewhere in one of the macros, you will then need to edit /etc/sendmail.cf with a text editor and do a search for "dn1" and simply delete it (if it exisits) "dn1" is a comment character for .mc macro files but not in sendmail.cf files. once you have done this, you can simply issue the command: /etc/rc.d/sendmail restart you should now be ready to send mail from localhost and recieve mail to the domain you specified. for any other ipranges that you want to be able to relay through the server, simply edit /etc/mail/relay-domains and then restart sendmail afterwards. it takes the format of: #Ipaddress or domain in the first column relay 203.100.50. relay domain.com.au relay and /etc/mail/sendmail.cw contains a list of the domains that you want to accept as local. if these files do not exist, just create them and sendmail will use them if you have generated it's config from /etc/mail/linux.mc If you have any probs, just mail the list again and I'll try to help.. Cheers Nix At 07:38 PM 28/11/2000 +0300, you wrote:
Personally I go with sendmail firstly of late most of the bugs were ironed out and thus it is considered quite safe. However postfix is a good alternative to sendmail and more secre. However I found it harder to configure than sendmail.
On Tue, 28 Nov 2000, Max Lindner wrote:
Hi!
I'm must make a decision wether to install sendmail or not. I've heard that sendmail is unsecure, but it is also used very often. My case would be a server without really sensitive data, only public html-files on apache and so on. What do you think about sendmail? Do you know other mail-deamons which are more secure?
Thanks for help, Max Lindner
--------------------------------------------------------------------- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
--------------------------------------------------------------------- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com