Am Mo, den 18.04.2005 schrieb Claude Jones um 0:11: > > Yes, leave Sendmail running. The default configuration limit its binding > > to localhost only. So what kind of security do you think to gain when > > shutting it down? > For every strong opinion on how to run various things in Linux, you can find > 10 contradictions. I spent the better part of today reading various documents > on Linux. When you're new to all this, it's hard to sort the good from the > bad and ugly. I'd read what seemed like a pretty good document on hardening > Linux and one of the things recommended was turning off sendmail. You are right, there are many different opinions about one single thing. As Matthew said, you need a local MTA running to get mails i.e. the daily logwatch report. As not everybody does need an MTA services to be reached from outside the MTAs Fedora ship with are configured to only accept connections from the machine itself on which they run. For Sendmail this is done by DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')dnl in the sendmail.mc. Ok, if someone hacked your host and you didn't keep Sendmail up to date with security updates it may be possible that the attacker can get root permissions through a local vulnerability of Sendmail. > For someone new like me, you're just another authority - it's hard for > learners like myself to know which ones to listen to. I appreciate your > taking time to help, today. I've started sendmail and removed the relevant > lines from my cronjob script, and now all the messages have stopped - - it's > a bit of an irony that this thread started as an appeal to get root's email > to a usr/recipient, since I've now managed to shut if off. You say you don't get any mail any longer or just those from your cronjob which runs every 5 minutes? Check your maillog if you miss mails. > Claude Jones Alexander -- Alexander Dalloz | Enger, Germany | GPG http://pgp.mit.edu 0xB366A773 legal statement: http://www.uni-x.org/legal.html Fedora Core 2 GNU/Linux on Athlon with kernel 2.6.11-1.14_FC2smp Serendipity 00:33:55 up 5 days, 21:14, load average: 0.15, 0.21, 0.23
Attachment:
signature.asc
Description: Dies ist ein digital signierter Nachrichtenteil
