On Mon, 2007-02-12 at 18:07 +0000, Alan wrote: > 99.lots % of people only need internal email for daemons etc so a long > time ago (Red Hat 5 or so I think) it was decided that since sendmail > had such a godawful security history that it would be a lot safer if > our mail daemon simply didn't listen to the outside world by default. > > Since then a lot has happened - sendmail has a much better security > behaviour on the whole, firewalling can cover the port instead, and > GUI tools have appeared. Does anybody still have their original FC5 config file? I'm sure I didn't change mine, but I noticed that it had the accept unresolveable domains option allowed. That doesn't seem a sensible default option, even if it only listened to 127.0.0.1, by default. Someone might change the listen address, without checking other settings.
