Hi! I must make a decision whether to install sendmail or not. I've heard that sendmail is insecure, but it is also used very often. My case would be a server without really sensitive data, only public html-files on apache and so on. What do you think about sendmail? Do you know other mail daemons which are more secure? Thanks for help, Max Lindner
Take a look at postfix. Max Lindner wrote:
Hi!
I must make a decision whether to install sendmail or not. I've heard that sendmail is insecure, but it is also used very often. My case would be a server without really sensitive data, only public html-files on apache and so on. What do you think about sendmail? Do you know other mail daemons which are more secure?
Thanks for help, Max Lindner
--------------------------------------------------------------------- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
--
Duane Kehoe, Junior Programmer/Analyst, Weyco Group, Inc.
Phone # 414.908.1814  Fax # 414.908.1814
Email: dkehoe@weycogroup.com
Personally I go with sendmail; firstly, of late most of the bugs were ironed out and thus it is considered quite safe. However, postfix is a good alternative to sendmail and more secure. However, I found it harder to configure than sendmail. On Tue, 28 Nov 2000, Max Lindner wrote:
Hi!
I must make a decision whether to install sendmail or not. I've heard that sendmail is insecure, but it is also used very often. My case would be a server without really sensitive data, only public html-files on apache and so on. What do you think about sendmail? Do you know other mail daemons which are more secure?
Thanks for help, Max Lindner
On Tue, 28 Nov 2000, semat wrote:
Personally I go with sendmail; firstly, of late most of the bugs were ironed out and thus it is considered quite safe. However, postfix is a good alternative to sendmail and more secure. However, I found it harder to configure than sendmail.
I found postfix (www.postfix.org) MUCH easier to configure than sendmail. I got things working right away that I had not figured out how to do properly after reading lots of sendmail documents. And it is designed to be secure right from the start, unlike sendmail. All it takes is one simple error in any number of configuration files for sendmail and you're cracked!

You may not consider security important for a server that serves up "public" information. But consider if someone broke in and changed the public information to say something else that you did not intend to, as has happened on other sites. Consider your time to reinstall the system after it has been cracked. Consider if you want your host to be used as a base for cracking other hosts, once someone has broken in. And so on.

Try postfix, you'll like it. The SuSE RPM packages make it easy to switch to sendmail after if you change your mind.

Brett, a recent postfix convert
Ditto. I'm of the opinion that sendmail (like a lot of powerful unix programs, like apache) is only as secure or insecure as the way in which you implement it. Personally I learnt mail routing on sendmail originally and anything else I try now seems underpowered.

If you are using SuSE, then I recommend you have a look at /etc/mail/linux.mc (there is a page in the manual that tells you about this). Although there is a problem with this file at the moment (it seems to have been broken in a minor way in SuSE 6.4 and not fixed since). I have not gotten around to filing a bug report.

*** So, ROMAN!! Please consider this a BUG REPORT! ***

Anyway, what you do is simply edit /etc/mail/linux.mc (or a copy of it) and select the options you want by removing the "dn1" from the front of the lines you want. In some cases you will also need to change the domain etc. also. It is very well commented, and you should have no trouble figuring it out. Once you think you have the right options you then execute the command "m4 /etc/mail/linux.mc > /etc/sendmail.cf" and it will regenerate the sendmail config file for you.

Now, because of a bug somewhere in one of the macros, you will then need to edit /etc/sendmail.cf with a text editor and do a search for "dn1" and simply delete it (if it exists). "dn1" is a comment character for .mc macro files but not in sendmail.cf files. Once you have done this, you can simply issue the command: /etc/rc.d/sendmail restart

You should now be ready to send mail from localhost and receive mail to the domain you specified. For any other IP ranges that you want to be able to relay through the server, simply edit /etc/mail/relay-domains and then restart sendmail afterwards. It takes the format of:

#Ipaddress or domain in the first column	relay
203.100.50.	relay
domain.com.au	relay

and /etc/mail/sendmail.cw contains a list of the domains that you want to accept as local.
If these files do not exist, just create them and sendmail will use them if you have generated its config from /etc/mail/linux.mc. If you have any probs, just mail the list again and I'll try to help.

Cheers
Nix

At 07:38 PM 28/11/2000 +0300, you wrote:
Personally I go with sendmail; firstly, of late most of the bugs were ironed out and thus it is considered quite safe. However, postfix is a good alternative to sendmail and more secure. However, I found it harder to configure than sendmail.
On Tue, 28 Nov 2000, Max Lindner wrote:
Hi!
I must make a decision whether to install sendmail or not. I've heard that sendmail is insecure, but it is also used very often. My case would be a server without really sensitive data, only public html-files on apache and so on. What do you think about sendmail? Do you know other mail daemons which are more secure?
Thanks for help, Max Lindner
*** So, ROMAN!! Please consider this a BUG REPORT! ***
Anyway, what you do is simply edit /etc/mail/linux.mc (or a copy of it) and select the options you want by removing the "dn1" from the front of the lines you want. In some cases you will also need to change the domain etc. also. It is very well commented, and you should have no trouble figuring it out. Once you think you have the right options you then execute the command "m4 /etc/mail/linux.mc > /etc/sendmail.cf" and it will regenerate the sendmail config file for you. Now, because of a bug somewhere in one of the macros, you will then need to edit /etc/sendmail.cf with a text editor and do a search for "dn1" and simply delete it (if it exists). "dn1" is a comment character for .mc macro files but not in sendmail.cf files.
I don't have this problem here (can't reproduce it).
Sorry...
Roman.
--
Roman Drahtmüller
On Wed, 29 Nov 2000 05:00:18 +0100 (MET), you wrote:
I don't have this problem here (can't reproduce it). Sorry... Roman.
Me neither. I was "fighting" against Sendmail and didn't find any problem in compiling SuSE mc. Anyway, I don't recommend using the sendmail version which ships with SuSE (at least the 6.4 distro). Go to www.sendmail.org, download the latest tar-ball and compile it by yourself. Old sm versions miss some nice security-related features.

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
** RoMaN SoFt / LLFB **
roman@madrid.com
http://pagina.de/romansoft
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Hi, At 05:00 29/11/00 +0100, Roman Drahtmueller wrote:
*** So, ROMAN!! Please consider this a BUG REPORT! ***
No, this doesn't look like a bug.
the options you want by removing the "dn1" from the front of the lines you want.
The code is DNL in lower case, that is, Delete through New Line, i.e. letter L, not figure 1. If you have put dn1 in, it's no wonder m4 goes batty. John
Nix wrote:
"dn1" is a comment character for .mc macro files but not in sendmail.cf files.
It should be "dnl", which is a macro for "delete to next newline", not "dn1". Perhaps you changed something and confused 1 (one) and l (ell), which is your problem with the file.
Back to topic...
Sendmail really had a lot of security problems. It got much better when many people switched to other MTAs, especially qmail, which was designed to be as simple and secure as possible. But sendmail is still a monster application. You can do nearly everything with sendmail. People say you are not a Unix system admin if you never wrote a sendmail.cf from scratch, but you are a fool if you do it twice ;-)

I use qmail. It's been the same version for years. No security problems. When I had to switch off relaying (some years ago, when spammers began using relays) I just added a one-line config file. qmail is also nice for user-administrated small mailing lists. But because the licence is a bit strange, qmail is not included as a binary package in most distributions. (http://cr.yp.to/qmail/dist.html)

Recently I had a look at exim. I found a funny feature: when exim finds that a message is permanently undeliverable, the message will be "frozen".

Every MTA has its advantages and disadvantages. Don't switch if you like the one you use now.
--
/"\ Jürgen Dollinger
\ / ASCII Ribbon Campaign Uni Ulm
X Against HTML Mail http://www.home.pages.de/~zeitnot/
/ \ #include
Back to topic...
Sendmail really had a lot of security problems. It got much better when many people switched to other MTAs, especially qmail, which was designed
Well, we could as well discuss editors or shells. But, referring to the original question: Could anybody please point us to a security problem in sendmail during the last 2.5 years, please?
Thanks,
Roman.
--
Roman Drahtmüller
On 30 Nov 2000, at 15:16, Roman Drahtmueller wrote:
Well, we could as well discuss editors or shells. But, referring to the original question: Could anybody please point us to a security problem in sendmail during the last 2.5 years, please?
Hi, last time I checked, sendmail was said to need a very good configuration to be treated as secure (I lost the references that gave me that impression). Qmail is much easier to configure (to me). That is why I treat it as more secure. I do not fear sendmail itself, but my inability to configure it correctly. Ease of use can be treated as a gain of security. mike
On Thu, Nov 30, 2000 at 04:11:46PM +0100, Thomas Michael Wanka wrote:
last time I checked, sendmail was said to need a very good configuration to be treated as secure (I lost the references that gave me that impression). Qmail is much more easy to configure (to me). That is why I treat it as more secure. I do not fear sendmail itself, but my inability to configure it correctly. Ease of use can be treated as a gain of security.
What I love is when people stand behind other people's opinions over what is secure. How many people have actually audited the source code running on their system that they claim is "secure"? -miah
Well, we could as well discuss editors or shells. But, referring to the original question: Could anybody please point us to a security problem in sendmail during the last 2.5 years, please?
The kernel capabilities bug was exploitable through sendmail. But not postfix (and I doubt qmail, but I'm not 100% sure). Hell, postfix is faster: when I moved my old mailing list server from sendmail to postfix it took 15 minutes instead of 2 hours to deliver 90% of the list and system load stayed below 0.1 (used to hit 2-3). I remember seeing that and thinking "huh. Why the hell have I been using sendmail?". If a problem is found in sendmail it is probably "fatal" due to its design, whereas postfix/qmail are much more forgiving (30-odd K runs as root, the rest doesn't). Unfortunately Qmail's license sucks.

Kurt Seifried: "Postfix - the Sendmail replacement". Kurt's Closet, September 1999. http://www.securityportal.com/closet/closet19990915.html
Kurt Seifried: "Postfix - The Sendmail Replacement, Part II". Kurt's Closet, November 2000. http://securityportal.com/closet/closet20001122.html
Thanks, Roman.
-Kurt
Hi Max,
we have used sendmail for a couple of years now and have lived through times when every day a new sec vuln had been announced, but all those sec vulns got fixed quickly and now (as of version 8.11.x) sendmail can be considered "secure enough" to recommend it as your primary mta.
The PROs:
- very active maintainer team (www.sendmail.org)
- a couple of millions users worldwide
- very flexible and adaptable for your needs
- fully compatible with almost all internet mail standards
- supported by most tools/apps (antivirus, spam-blocker, etc.)
- very well documented, lots of good books are available
- highly reliable if configured correctly
The CONs:
- difficult to set up
- some work is required to secure it tightly
- even harder to adjust to non-standard needs
- most admins need quite some time to get used to it
Today the security of a sendmail installation depends mainly on the admin and his efforts to tighten security to a certain point; for example, sendmail versions pre-8.9 came with no relay prevention for domains other than your own, so you had to implement some decent anti-relaying; newer versions do not relay out of the box anymore. The most important setup step is to choose a user other than root for sendmail.
Of course there are more good mailers available; look for exim, smail, postfix and qmail. All of them have their very own pros and cons, but most are easier to set up and maintain.
If you plan to implement a quite basic mail transfer facility, sendmail may be a bit too big for you.
Anyway - IMHO sendmail is one of the best MTAs available if you use it wisely...
Boris
Hi!
I must make a decision whether to install sendmail or not. I've heard that sendmail is insecure, but it is also used very often. My case would be a server without really sensitive data, only public html-files on apache and so on. What do you think about sendmail? Do you know other mail daemons which are more secure?
Thanks for help, Max Lindner [...]
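An added example, not code from the thread: it turns two of the setup points above, Nix's regenerate-and-fix-up step and Boris's advice to run sendmail as a user other than root, into a check you run on a freshly generated sendmail.cf before copying it into place. It assumes you generated the .cf to a temporary path rather than straight over /etc/sendmail.cf; the .cf fragments it reads are constructed samples.

```shell
#!/bin/sh
# Added example, not code from the thread: audit a freshly generated sendmail.cf
# before copying it over /etc/sendmail.cf. Two checks from the discussion:
#   1. stray "dn1" tokens: the .mc source used the digit 1 instead of the m4
#      comment macro "dnl", so m4 copied the text through (fix the .mc, not the .cf)
#   2. an "O RunAsUser=" option that is missing or points at root
# Returns 0 when both checks pass, 1 otherwise.
audit_sendmail_cf() {
    cf="$1"
    rc=0
    if grep -n 'dn1' "$cf" >/dev/null 2>&1; then
        echo "FAIL: stray 'dn1' token(s) in $cf; use 'dnl' in the .mc source:"
        grep -n 'dn1' "$cf"
        rc=1
    fi
    # sendmail.cf option lines look like "O Name=value"; RunAsUser takes user[:group]
    user=$(sed -n 's/^O RunAsUser=//p' "$cf" | head -n 1)
    case "$user" in
        "")                echo "FAIL: no RunAsUser option; daemon keeps running as root"; rc=1 ;;
        root|root:*|0|0:*) echo "FAIL: RunAsUser=$user is still root"; rc=1 ;;
        *)                 echo "ok: RunAsUser=$user" ;;
    esac
    return $rc
}

# Constructed sample files so the script runs stand-alone (not real SuSE configs).
tmp=${TMPDIR:-/tmp}/sendmail-audit.$$
mkdir -p "$tmp"
cat > "$tmp/bad.cf" <<'EOF'
# constructed: what m4 emits when the .mc said "dn1" instead of "dnl"
dn1 Dj$w.Foo.COM
O PrivacyOptions=authwarnings,novrfy,noexpn
EOF
cat > "$tmp/good.cf" <<'EOF'
# constructed: cleaned .mc regenerated, daemon drops to an unprivileged user
O PrivacyOptions=authwarnings,novrfy,noexpn,restrictqrun
O RunAsUser=mail:mail
EOF
audit_sendmail_cf "$tmp/bad.cf"  || echo "bad.cf: do not install"
audit_sendmail_cf "$tmp/good.cf" && echo "good.cf: safe to install"
rm -rf "$tmp"
```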
On Tue, 28 Nov 2000, Max Lindner wrote:
Hi!
I must make a decision whether to install sendmail or not. I've heard that sendmail is insecure, but it is also used very often. My case would be a server without really sensitive data, only public html-files on apache and so on. What do you think about sendmail? Do you know other mail daemons which are more secure?
Here we go again. ;-) Sendmail, if you use the current version, is totally secure (if anyone knows hacks for sendmail 8.9.3 or later I'd love to hear them!). You can use postfix if you want, but the differences are mainly in the configuration, which for someone new to mail might be a little easier. Next to that, the system load generated by postfix is probably a little smaller. Qmail I don't know, but I'm getting a little tired of people who call sendmail insecure without having a valid example of where postfix or qmail is superior to sendmail in the way of security. Sendmail's user base is a lot larger than that of the others, and (partly because of this) it might not always be the first to implement new features, but it's never far behind.
Thanks for help, Max Lindner
Stefan
for me, qmail was the answer to the problem. i found it to be very very very easy to install and configure, and its idea of configuration and handling etc. is a lot more intuitive than sendmail or postfix, i find. moreover, qmail is very secure in that no one managed to hack it yet, and i am constantly amazed by its efficiency. take a look at www.qmail.org and www.ezmlm.org if you need a very nice mailing list manager. martin also sprach Max Lindner (on Tue, 28 Nov 2000 04:23:38PM +0100):
Hi!
I must make a decision whether to install sendmail or not. I've heard that sendmail is insecure, but it is also used very often. My case would be a server without really sensitive data, only public html-files on apache and so on. What do you think about sendmail? Do you know other mail daemons which are more secure?
Thanks for help, Max Lindner
[greetings from the heart of the sun]# echo madduck@!#:1:s@\@@@.net -- "it appears that pl/i (and its dialects) is, or will be, the most widely used higher level language for systems programming." -- j. sammet
Thanks for the tips, I'll try qmail and postfix. Max
Hi everyone, everybody is talking about sendmail and qmail. But Exim was never mentioned here. I had a quick (very quick :-)) look at securityportal.com, but I didn't find anything. Any experience with exim? Thanks Daniel
participants (16): Boris Lorenz, Brett Delmage, Daniel Minder, Duane Kehoe, jjohnson@penguincomputing.com, John Trickey, Jürgen Dollinger, Kurt Seifried, MaD dUCK, Max Lindner, Nix, Roman Drahtmueller, RoMaN SoFt / LLFB!!, semat, Stefan Suurmeijer, Thomas Michael Wanka