Mailinglist Archive: opensuse-security (757 mails)

< Previous Next >
RE: [suse-security] Securing sendmail
  • From: "Matthew Thomas" <mthomas@xxxxxxxxxxxxxxxxx>
  • Date: Tue, 29 Jan 2002 11:15:49 -0800
  • Message-id: <002e01c1a8f9$61ba31c0$e105050a@xxxxxxxxxx>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- From the LDP (network admin guide):

"confSMTP_LOGIN_MSG (SmtpGreetingMessage)
Whenever a connection is made to sendmail, a greeting message is
sent. By default, this message contains the hostname, name of the
mail transfer agent, the sendmail version number, the local version
number, and the current date. RFC821 specifies that the first word of
the greeting should be the fully qualified domain name of the host,
but the rest of the greeting can be configured however you please.
You can specify sendmail macros here and they will be expanded when
used. The only people who will see this message are suffering system
administrators diagnosing mail delivery problems or strongly curious
people interested in discovering how your machine is configured. You
can relieve some of the tedium of their task by customizing the
welcome message with some witticisms; be nice. The word "EMSTP" will
be inserted between the first and second words by sendmail, as this
is the signal to remote hosts that we support the ESMTP protocol
(Default: $j Sendmail $v/$Z; $b)."

So you do need to leave the hostname there.

One place you can look for more info on securing sendmail is:
http://www.sendmail.net/000705securitygeneral.shtml

- -Matt

- -----Original Message-----
From: r.ems@xxxxxxx [mailto:r.ems@xxxxxxx]On Behalf Of Richard Ems
Sent: Tuesday, January 29, 2002 10:28 AM
To: suse-security@xxxxxxxx
Subject: [suse-security] Securing sendmail


Hi all!

I'm trying to secure sendmail's configuration a bit.
I'm running SuSE's sendmail-8.11.6-29 package on SuSE Linux 7.3.

Here my two questions:

1) Should I change the Greeting string (SmtpGreetingMessage) ?
Per default it will return lots of information such as "real"
hostname and sendmail's version. Is this info needed by some other
mail
program?

2) And what about the help file (helpfile) ? This is also some
information which is probably not needed! So cat /dev/null > helpfile
or
rm helpfile ?

Where do I found some info about securing sendmail?


Many thanks, Richard


- --
Richard Ems
... e-mail: r.ems@xxxxxxx
... Computer Science, University of Hamburg

Unix IS user friendly. It's just selective about who its friends
are.

- --
To unsubscribe, e-mail: suse-security-unsubscribe@xxxxxxxx
For additional commands, e-mail: suse-security-help@xxxxxxxx

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.1 Int. for non-commercial use
<http://www.pgpinternational.com>

iQA/AwUBPFb05WCxI19Ln0TAEQIYGwCg05/iKQZC/0/AS2/d0cXUySRm1n4An19t
sv295mpOeAecaHHVAaW0DdJM
=kVq4
-----END PGP SIGNATURE-----


< Previous Next >
References