sendmail.net: Securing Sendmail
Jul 06, 2000, 06:26
"Though the virus alerts have vanished from the evening news, Internet security remains a justifiably hot topic. Still, while hype, myth, and hysteria abound, useful information seems to be in short supply. Had enough of generalities? Time for something, um, practical? We think so...."
"The key security issue for a mail administrator is pretty clear: no one should be able to get special permissions or elevate their privileges in any way via the mail system. Of course, there are degrees of insecurity. The worst case, obviously, is for an intruder to get root, but breaking into another system account or an ordinary user account is also a problem. There are read, write, and execute permissions to consider, too. Being able to read a file as root is bad; being able to write a file as root is much worse."
"Denial of service should be hard. Out-and-out prevention is essentially impossible: to provide a service is to provide an opportunity for denial of service. But you can degrade gracefully under attack, as opposed to simply going belly up. Ideally, you also want to make forgery as difficult as possible - although, regrettably, SMTP itself makes forgery trivial. You want to avoid theft of service, aka spam. And you want to avoid information leakage: just on general principle, you don't want certain types of information (about your configuration, about your users, about your network) to get out."