Re: [Newbie] Howto setup mailserver??

From: DoN. Nichols (dnichols_at_d-and-d.com)
Date: 09/06/05

  • Next message: Mark South: "Re: [Newbie] Howto setup mailserver??" 
    Date: 6 Sep 2005 04:35:15 GMT

    According to Mark South <mark.south@null.invalid>:
    > On Wed, 31 Aug 2005 11:07:23 +0200, Martin Latos wrote:
    >
    > >>
    > >> Or to look at it another way, the site says "8 yrs without a remote
    > >> exploit in the default install".
    > >>
    > >> Sendmail is part of the default install.
    > > The issue was SSHD not sendmail :]
    >
    > Yes, but the OP seemed to be under the impression that sendmail is a
    > security problem at the present, whereas the statement on the website
    > provides a simple to demonstrate lower bound of 8 years of safety.

            Note that OpenBSD puts sendmail in a chroot jail, so I think
    that it is not particularly trusted. Just put where it can be run with
    minimal risk to the system itself.

    > A free and useful lower bound beats a rigorous calculation most times.

            But I'm not sure that this counts as a true lower bound, given
    the distrust that the writers of OpenBSD seem to feel towards sendmail.
    (I don't trust it either -- and have been using qmail for some time
    now. :-)

    > --
    > mark south: world citizen, net denizen
    > echo znexfbhgu2000@lnubb.pb.hx | tr [a-z] [n-za-m]

            Hmm ... a not-so-portable implementation of rot13. :-)
    On Solaris, I have to replace the square brackets with single quotes,
    and on OpenBSD I have to escape each square bracket. (This is running
    in tcsh on both systems, FWIW.)

            Enjoy,
                    DoN. 

    -- 
 Email:   <dnichols@d-and-d.com>   | Voice (all times): (703) 938-4564
	(too) near Washington D.C. | http://www.d-and-d.com/dnichols/DoN.html
           --- Black Holes are where God is dividing by zero ---
  • Next message: Mark South: "Re: [Newbie] Howto setup mailserver??"

    Relevant Pages

    • Re: List of installed software packages: pkg_info?
      ... security upgrades for OpenBSD upgrade separate programs to higher ... systems with OpenBSD 4.1? ... Wading through such a snapshot is not my favorite passtime. ... A sendmail that is not ...
      (comp.unix.bsd.openbsd.misc)
    • Re: A Few Noob Questions.
      ... So it's okay to run sendmail for security reports etc? ... A fresh OpenBSD install disable these incoming connection by default unless you allow them? ... tweak the system to make it secure. ... - the base system, including external packages like httpd and named, has ...
      (comp.unix.bsd.openbsd.misc)
    • Re: List of installed software packages: pkg_info?
      ... security upgrades for OpenBSD upgrade separate programs to higher ... Is sendmail version 8.14.0 the only possible version ... systems with OpenBSD 4.1? ... Wading through such a snapshot is not my favorite passtime. ...
      (comp.unix.bsd.openbsd.misc)
    • Re: mysqld boot script
      ... >I'm afraid the method of starting applications/daemons on boot with OpenBSD ... allow it to be mounted allowing suid programs Here is the suid program ... If you really want to keep almost all of qmail: ... the "sendmail" redirector uses. ...
      (comp.unix.bsd.openbsd.misc)
    • Re: Forward all incoming mails to another sendmail host
      ... sendmail will try an MX record lookup. ... If you use the square brackets, sendmail will look up an A/AAAA record. ...
      (comp.mail.sendmail)