“Sendmail 8.9, the latest version, comes locked down against
relaying right out of the box: you can find out more about previous
versions by going to the Sendmail web site (Resources). So rather
than focusing on initial configuration, let’s look at a more
insidious problem: taking over someone else’s Sendmail setup and
making sure they haven’t punched any holes in it spammers might
use.“Don’t roll your eyes. There are a lot of administrators who
just kind of fell into their jobs, and rather than learning the
proper way to do things will punch security holes to get their
workarounds to function. Maybe you were even one of them once, but
now you know better, but you’ve forgotten to go back and clean up
all of your old messes.“The key files for your Sendmail relaying setup are
/etc/mail/access, and /etc/mail/relay-domains. /etc/mail/access is
built in a series of single-line entries, and each of these entries
consists of two components. The first half of an /etc/mail/access
line contains information on whom the rule applies to; for example,
192.168.25.3 means this rule is meant for the machine with this IP
address. The second half expresses what the rule is setting: for
example, using RELAY here tells Sendmail to allow 192.168.25.3 to
relay email through this server…”
CrossNodes: Securing the Mail: Lock Spam and Viruses Out of Sendmail
By
Get the Free Newsletter!
Subscribe to Developer Insider for top news, trends, & analysis