Linux Journal: Hardening Sendmail
Mar 15, 2002, 21:55 (9 Talkback[s])
(Other stories by Mick Bauer)
"Sendmail is one of the most venerable internet software
packages still in widespread use. It first appeared in 4.1c BSD
UNIX (April 1983), and to this day it has remained the most
relied-upon application of its kind. Among message transfer agents
(MTAs), sendmail is the great workhorse of the Internet,
transferring e-mail between networks dependably and (to end users)
transparently. But sendmail has both advantages and
"On the good side, sendmail has a huge user community, with the
result that it's easy to find both free and commercial support for
it, not to mention a wealth of electronic and print publications.
It's also stable and predictable, due to its maturity.
"On the negative side, sendmail has acquired a certain amount of
cruft (old code) over its long history, with the result that it has
a reputation of being insecure and bloated. Both charges are open
to debate, however. It's true that it has had a number of
significant vulnerabilities over the years. However, these have
been brought to light and fixed rapidly..."