Databases
cancel
Showing results for 
Search instead for 
Did you mean: 

Sendmail Vulnerability Question

SOLVED
Go to solution
Tom Jackson
Valued Contributor

Sendmail Vulnerability Question

Hi:

I've notified management about the sendmail vulnerability problem, now I'm waiting for them to decide if I should take immediate action.

First question: Since we don't use our unix mail for anything except to report on cron jobs, can I disable its startup without affecting anything else?

Second question: How should I disable the startup?

Tom
5 REPLIES
Pete Randall
Outstanding Contributor
Solution

Re: Sendmail Vulnerability Question

Edit /etc/rc.config.d/mailservs
and set "export SENDMAIL_SERVER" to 0.

Pete

Pete
Paul Sperry
Honored Contributor

Re: Sendmail Vulnerability Question

To disable it at startup edit
/etc/rc.config.d/mailservs



export SENDMAIL_SERVER=0
Hai Nguyen_1
Honored Contributor

Re: Sendmail Vulnerability Question

Tom,

1) Yes, disabling it will not cause any harm.

2) Fist stop sendmail daemon, then disabling it from coming up at bootup.
# /sbin/init.d/sendmail stop

# vi /etc/rc.config.d/mailsevrs
to change:
export SENDMAIL_SERVER=1
to:
export SENDMAIL_SERVER=0

Hai
Helen French
Honored Contributor

Re: Sendmail Vulnerability Question

You can also use this command to kill the current running sendmail:

# killsm

This is exactly similar like doing:

# /sbin/init.d/sendmail stop

But before doing that, remember that the root mail messages and the mail message from your cron jobs are important.
Life is a promise, fulfill it!
Tom Jackson
Valued Contributor

Re: Sendmail Vulnerability Question

Pete, Paul, and Hai:

Thanks for your fast response. Sendmail is down and I'll test the reboot tomorrow.

Tom