Securing Sendmail.
Information provided by: Joe Jared
Additional Information: For more information on security in Sendmail please visit the Sendmail security page at:

Much of the information related to securing sendmail for all platforms can be obtained from Sendmail's website. For security reasons, versions prior to 8.12.10 should be upgraded or patched to avoid allowing your site to be hijacked by hackers.

If you are running any version of linuxconf prior to 1.28r1, you need to visit i Linuxconf's websiteand download 1.28r1 or newer. All prior versions make sendmail vulnerable to the user%domain@ exploit. It would probably be best if the prior version of linuxconf were removed prior to installing the new version. Jack Gelinas is the author of the mailconf module for Linuxcon. While you're in contact with him, perhaps a suggestion that mailconf should be more flexible to allow for other dnsbl sites instead of hacking /usr/lib/linuxconf/

Copyright © 2002-2023 by SORBS | Terms & Conditions | Privacy Policy