Date: Wed, 4 Oct 2000 11:39:57 -0700 (PDT) From: Gregory Neil Shapiro <gshapiro@gshapiro.net> To: Maxime Henrion <mux@qualys.com> Cc: freebsd-stable@FreeBSD.ORG Subject: Re: questions and suggestions about default sendmail configuration Message-ID: <14811.31101.675079.926@horsey.gshapiro.net> In-Reply-To: <20001004012215.A806@nebula.cybercable.fr> References: <20001004012215.A806@nebula.cybercable.fr>
next in thread | previous in thread | raw e-mail | index | archive | help
mux> First, I realized that sendmail is running by default on port 25 mux> (nothing weird here ...) but on port 587 too because of this line in= mux> the sendmail.cf : mux> O DaemonPortOptions=3DPort=3D587, Name=3DMSA, M=3DE mux> It is probably known and wanted because I remember a thread about it= a mux> while ago. However, if someone could explain me the use of this, mux> that'd be kind ! :-) =46rom the RELEASE_NOTES: sendmail implements RFC 2476 (Message Submission), e.g., it can now listen on several different ports. Use: O DaemonPortOptions=3DName=3DMSA, Port=3D587, M=3DE to run a Message Submission Agent (MSA); this is turned on by default in m4-generated .cf files; it can be turned off with FEATURE(`no_default_msa'). mux> Then, the genericstable feature is not enabled by default. mux> To enable genericstable, these lines must be added to the freebsd.mc= mux> file : mux> FEATURE(genericstable, `hash -o /etc/mail/genericstable')dnl mux> GENERICS_DOMAIN_FILE(`/etc/mail/generics-domains')dnl I more inclined to push for users configuring features they need rather than pushing them in the default configuration. Additionally, in practic= e, I actually don't see a lot of sites using genericstable. mux> Finally, the PrivacyOptions set by default allow both the usage of t= he mux> EXPN and VRFY command, wich aren't a real security threat but can mux> anyway allow someone to get some informations since it's an easy way= mux> to know wether a login exists on a system or not. Thus, it would mux> perhaps be a good idea to add noexpn and novrfy to the PrivacyOption= s mux> (or even goaway, but it might be a bit hard by default ;). I do agree with this one however. I'll add it to my list of things to do= =2E To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?14811.31101.675079.926>