Chapter 10. Securing sendmail
Introduction
Security is essential. Security is so important that it is touched upon many times in this book. In fact, several earlier chapters are really about security, such as Chapter 7 and Chapter 8. But even the chapters on relaying and spam control are really chapters about security because theft of service is just as big of a security problem for sendmail as system and data integrity.
A sendmail server requires all of the security precautions used on any networked system, and then some. By its very nature, a sendmail server must accept connections and data from unknown remote hosts, while many other network servers offer their services to a limited set of clients. The system running sendmail must be secured against attack, and the sendmail service must be secured against exploitation. General system security is beyond the scope of this book. For that, use a good security reference, such as Practical UNIX and Internet Security, by Simson Garfinkel and Gene Spafford (O’Reilly), or Computer Security Basics, by Debbie Russell and G.T. Gangemi (O’Reilly). This book focuses on only those things that are specific to sendmail security.
sendmail’s file and
directory permissions are one area of
general system security that is specific to sendmail. All of the
directories used for sendmail’s administrative files
should only be writable by the TrustedUser
(usually root), and all of the parents of those directories back to the root should only be writable ...
Get sendmail Cookbook now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.