10. Maintain Security with sendmail
by Gregory Neil Shapiro, Claus Assmann, George Jansen, Bryan Costales
sendmail 8.13 Companion
- sendmail 8.13 Companion
- Preface
- 1. Release Notes
- 2. Build and Install sendmail
- 3. Tune sendmail with Compile-Time Macros
- 4. Configure sendmail.cf with m4
- 5. Companion Programs
- 6. Tune Performance
- 7. Handle Spam and Filter with Milter
- What’s New with V8.13
- confREJECT_MSG
- The Milter Library
- The new smfi_quarantine( ) routine
- The new smfi_progress( ) routine
- The new smfi_stop( ) routine
- The new smfi_setdbg( ) routine
- The new smfi_setmlreply( ) routine
- The new smfi_setbacklog( ) routine
- The new smfi_opensocket( ) routine
- The new smfi_insheader( ) routine
- SMTP 421 and SMFIS_TEMPFAIL
- Root won’t remove socket file
- The greet_pause Feature
- The mtamark Feature (Experimental)
- The use_client_ptr feature
- Useful Tables
- What’s New with V8.13
- 8. Test Rule Sets with -bt
- 9. DNS and sendmail
- 10. Maintain Security with sendmail
- 11. Manage the Queue
- 12. Maintain Aliases
- 13. Mailing Lists and ~/.forward
- 14. Signals, Transactions, and Syslog
- 15. The sendmail Command Line
- 16. Debug sendmail with -d
- 17. Configuration File Overview
- 18. The R (Rules) Configuration Command
- 19. The S (Rule Sets) Configuration Command
- 20. The M (Mail Delivery Agent) Configuration Command
- 21. The D (Define a Macro) Configuration Command
- 22. The C and F (Class Macro) Configuration Commands
- 23. The K (Database-Map) Configuration Command
- 24. The O (Options) Configuration Command
- What’s New with V8.13
- New =m Flag for the AuthOption option
- ConnectionCacheSize and ConnectionCacheTimeout with P=[LPC]
- The CheckpointInterval Option
- DaemonPortOptions=InputFilter=
- DaemonPortOptions new Modify=s
- The PID File Is Removed on Exit
- The New QueueSortOrder None Setting
- The New AuthRealm Option
- The New CRLFile Option
- The New FallbackSmartHost Option
- The New RejectLogInterval Option
- The New RequiresDirfsync Option
- The New ConnectionRateWindowSize Option
- ErrorMode=write Deprecated
- The Timeout.queuereturn.dsn Addition
- The Timeout.queuewarn.dsn Addition
- The Milter.macros.eom Addition
- Useful Tables
- What’s New with V8.13
- 25. The H (Headers) Configuration Command
- Index
- Colophon
When the administrator is not careful, the misuse or misconfiguration of sendmail can lead to an insecure and possibly compromised system.
A Milter no longer removes its socket when the Milter is run by root; see Section 7.1.2.10 [V8.13].
As of V8.13, AUTH information is no longer included in bounced email when
sendmailis configure to use SMTP AUTH (10.9[3ed]). This change was made to avoid the risk of leaking sensitive information.
-
No Comment
..................Content has been hidden....................
You can't read the all page of ebook, please click here login for view all page.