Hi,
On Thu, 27 Jan 2000, Nick Zentena wrote:
Security Webmaster OKDesign oHG wrote:
just received a message from the "famous" :-) ORBS database claiming
Hi Lenz, of course you and Nick are correct. SuSE6.0 came with sendmail 8.8. I forgot to mention that I updated to sendmail 8.9. /etc/sendmail.cf tells: ##### @(#)cfhead.m4 8.9 (Berkeley) 1/18/97 ##### ##### @(#)cf.m4 8.24 (Berkeley) 8/16/95 ##### As far as I can see this means sendmail is version 8.9. Or am I wrong ? --- Stephan -----Ursprüngliche Nachricht----- Von: Lenz Grimmer <grimmer@suse.de> An: SuSE-Security-List <suse-security@suse.com> Datum: Freitag, 28. Januar 2000 13:25 Betreff: Re: [suse-security] sendmail 8.9 open relay ? that
our server is open for mail-relaying. Hmm, as far as I remeber, this was correct for the earlier versions and I was told (from SuSE I think, but not sure about this) that sendmail would be safe starting with SuSE6.0. Well, I did install SuSE6.0 and thought this would be ok now. I did some checks by myself and found out that the server is indeed still open for relays.
SuSE6.0 came with sendmail 8.8. No? If so it defaults to open relay. 8.9 fixed that.
Correct:
rpm -qp /CD-ARCHIVE/6.0/suse-i386-1/CD1/suse/n1/sendmail.rpm sendmail-8.8.8-45
We switched to sendmail 8.9 with SuSE Linux 6.1
Bye, LenZ
-- ------------------------------------------------------------------ Lenz Grimmer SuSE GmbH mailto:grimmer@suse.de Schanzaeckerstr. 10 http://www.suse.de/~grimmer 90443 Nuernberg, Germany