Date: Wed, 17 Dec 1997 10:14:17 -0500 From: Nicholas Merrill <lists@mojo.calyx.net> To: freebsd-questions@freebsd.org Subject: Re: Sendmail HYPER-SECURITY Message-ID: <199712171514.HAA17149@hub.freebsd.org> In-Reply-To: <3497B58E.7A97@barcode.co.il> References: <19971217091842.5156.rocketmail@send1a.yahoomail.com>
index | next in thread | previous in thread | raw e-mail
At 01:20 PM 12/17/97 +0200, you wrote: >Charlie Roots wrote: >> I understand that Sendmail was, once, a major security hole by which >> attackers and hackers used to get the password file, and to obtain >> unauthorized root access priviledges, and I also understand that >> RECENT versions of sendmail has attacked the attackers by being more >> secure than ever. Then Nadav replied: >This is abit out of the point, but still... Instead of relying on >sendmail's security you may choose to use the TIS fwtk's smap+smapd >combination (it's in the ports). I've been using them for over a year >and they work great. What it does is provide you with a small smtp >"stub" (smap) that's only smart enough so that your party will believe >it's a mailer. It then saves whatever comes in in a file and a daemon >(smspd) passes it over to sendmail. The advantage - there is *no* >outside access to sendmail at all! This make me feel safe enough not to >try and fill all possible security gaps inside sendmail, running it in a >pretty much generic configuration. That's one way to handle it. Or you could also look into running qmail (www.qmail.org) which is more secure to begin with. Nickhome | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199712171514.HAA17149>