https://community.hpe.com/t5/operating-system-hp-ux/sendmail-vulnerability-question/m-p/2921078#M934597 Hi:<BR /><BR />I've notified management about the sendmail vulnerability problem, now I'm waiting for them to decide if I should take immediate action.<BR /><BR />First question: Since we don't use our unix mail for anything except to report on cron jobs, can I disable its startup without affecting anything else?<BR /><BR />Second question: How should I disable the startup?<BR /><BR />Tom<BR /> Thu, 06 Mar 2003 15:31:39 GMT Tom Jackson 2003-03-06T15:31:39Z https://community.hpe.com/t5/operating-system-hp-ux/sendmail-vulnerability-question/m-p/2921078#M934597 Hi:<BR /><BR />I've notified management about the sendmail vulnerability problem, now I'm waiting for them to decide if I should take immediate action.<BR /><BR />First question: Since we don't use our unix mail for anything except to report on cron jobs, can I disable its startup without affecting anything else?<BR /><BR />Second question: How should I disable the startup?<BR /><BR />Tom<BR /> Thu, 06 Mar 2003 15:31:39 GMT https://community.hpe.com/t5/operating-system-hp-ux/sendmail-vulnerability-question/m-p/2921078#M934597 Tom Jackson 2003-03-06T15:31:39Z https://community.hpe.com/t5/operating-system-hp-ux/sendmail-vulnerability-question/m-p/2921079#M934598 Edit /etc/rc.config.d/mailservs<BR />and set "export SENDMAIL_SERVER" to 0.<BR /><BR />Pete Thu, 06 Mar 2003 15:33:55 GMT https://community.hpe.com/t5/operating-system-hp-ux/sendmail-vulnerability-question/m-p/2921079#M934598 Pete Randall 2003-03-06T15:33:55Z https://community.hpe.com/t5/operating-system-hp-ux/sendmail-vulnerability-question/m-p/2921080#M934599 To disable it at startup edit<BR />/etc/rc.config.d/mailservs<BR /><BR /><BR /><BR />export SENDMAIL_SERVER=0 Thu, 06 Mar 2003 15:36:07 GMT https://community.hpe.com/t5/operating-system-hp-ux/sendmail-vulnerability-question/m-p/2921080#M934599 Paul Sperry 2003-03-06T15:36:07Z https://community.hpe.com/t5/operating-system-hp-ux/sendmail-vulnerability-question/m-p/2921081#M934600 Tom,<BR /><BR />1) Yes, disabling it will not cause any harm.<BR /><BR />2) Fist stop sendmail daemon, then disabling it from coming up at bootup.<BR /># /sbin/init.d/sendmail stop<BR /><BR /># vi /etc/rc.config.d/mailsevrs<BR />to change:<BR />export SENDMAIL_SERVER=1<BR />to:<BR />export SENDMAIL_SERVER=0<BR /><BR />Hai<BR /> Thu, 06 Mar 2003 15:37:58 GMT https://community.hpe.com/t5/operating-system-hp-ux/sendmail-vulnerability-question/m-p/2921081#M934600 Hai Nguyen_1 2003-03-06T15:37:58Z https://community.hpe.com/t5/operating-system-hp-ux/sendmail-vulnerability-question/m-p/2921082#M934601 You can also use this command to kill the current running sendmail:<BR /><BR /># killsm<BR /><BR />This is exactly similar like doing:<BR /><BR /># /sbin/init.d/sendmail stop<BR /><BR />But before doing that, remember that the root mail messages and the mail message from your cron jobs are important. Thu, 06 Mar 2003 15:45:15 GMT https://community.hpe.com/t5/operating-system-hp-ux/sendmail-vulnerability-question/m-p/2921082#M934601 Helen French 2003-03-06T15:45:15Z https://community.hpe.com/t5/operating-system-hp-ux/sendmail-vulnerability-question/m-p/2921083#M934602 Pete, Paul, and Hai:<BR /><BR />Thanks for your fast response. Sendmail is down and I'll test the reboot tomorrow. <BR /><BR />Tom<BR /> Thu, 06 Mar 2003 15:46:49 GMT https://community.hpe.com/t5/operating-system-hp-ux/sendmail-vulnerability-question/m-p/2921083#M934602 Tom Jackson 2003-03-06T15:46:49Z