Date: Thu, 15 Feb 2001 06:21:23 -0800 From: Cy Schubert - ITSD Open Systems Group <Cy.Schubert@uumail.gov.bc.ca> To: Rob Simmons <rsimmons@wlcg.com> Cc: Mikhail Kruk <meshko@cs.brandeis.edu>, Ragnar Beer <rbeer@uni-goettingen.de>, freebsd-security@FreeBSD.ORG Subject: Re: security settings documentation Message-ID: <200102151422.f1FEM1J70621@cwsys.cwsent.com> In-Reply-To: Your message of "Wed, 14 Feb 2001 16:43:58 EST." <Pine.BSF.4.21.0102141638540.15577-100000@mail.wlcg.com>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <Pine.BSF.4.21.0102141638540.15577-100000@mail.wlcg.com>, Rob Simmon s writes: > I would disagree with -bd being mandatory. Sure it is needed if the > server is a mailserver or needs to recieve mail for some reason. I agree > that it should be "-bd -q30m" in /etc/defaults/rc.conf, but I think the > "High" security profile should have only -q30m. In fact I think the > Fascist level should have this setting instead of disabling sendmail > altogether. > > If you disable sendmail altogether, doesn't that keep the daily/weekly > root mails from being sent? Rather than have the sendmail daemon taking memory for 30 minutes doing nothing, why not run it out of cron with -q. Agreed, -bd is not mandatory. One could run Sendmail out of inetd using -bs or hide it behind Obtuse Systems Smtpd (smtpd) port, which implements a Qmail-like or postfix-like approach using Sendmail. Regards, Phone: (250)387-8437 Cy Schubert Fax: (250)387-5766 Team Leader, Sun/Alpha Team Internet: Cy.Schubert@osg.gov.bc.ca Open Systems Group, ITSD, ISTA Province of BC To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200102151422.f1FEM1J70621>