On Wed, 18 Jul 2001, Mike Chambers wrote:
> First, has anyone stated that sendmail doesnt' even need to be on if you
> don't want it to run and accept email as a server? If it's not on (as in
> the service in daemon mode isn't started) then does the security part
> regarding only accepting email via localhost compared to internet even
> matter? Why can't sendmail be configured to accept mail and not just
> localhost but the service not be started on default installs and if you then
> want to run a mail server you setup it up for your domain and start the
> service? That's the only reason to run the service anyway isn't it as
> sending email is only using the binary?
>
I would think there are more cases where you would want sendmail
running, but only listening on the loopback interface, then there are to
have it listen to the Internet. If you are using it on a workstation to
forward mail to your ISP, and using something like Fetchmail to get your
mail from your ISP. In this case, you would not have a valid hostname
as far as the Interent in concerned, so there is no valid reasion for
someone to connect to your mail server. (I know you can configure
fetchmail to use the local delivery agent instead of connecting to port
25 on localhost, but it is more flexable to give the messages to
sendmail.)
This way, you can also send mail to other users on the same machine.
I preferrer this to hanging post-it notes on the monitor.
>From a security standpoint, I think the current configuration os
correct. Hopefull, anyone that enables connecting to sendmail from the
Internet will learn a little about security in the process. At the very
least, they will know that it is enabled. About the only change I would
like to see is to have a README.redhat in the sendmail doc directory
showing the RedHat specific changes. (I forget who made this point, but
it is a good idea!)
Mikkel
--
Do not meddle in the affairs of dragons,
for you are crunchy and taste good with ketchup.
_______________________________________________
Seawolf-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/seawolf-list
