- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Hole in Sendmail security
Operating System - HP-UX
1753935
Members
9796
Online
108811
Solutions
Forums
Categories
Company
Local Language
юдл
back
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
юдл
back
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Blogs
Information
Community
Resources
Community Language
Language
Forums
Blogs
Topic Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-29-2001 08:09 AM
тАО03-29-2001 08:09 AM
Hole in Sendmail security
Hello
My network administrator is using some sniffer software that uses SNMP to access SMTP & sendmail on some of my unix machines - he can then send unsolicited mail anonymously or with bogus sender details. I've tried removing the public community in snmpd.conf but to no avail.
Any ideas how I can tighten this up - basically it means that anybody in the know within my LAN can use any unix node to send anonymous messages of malicious intent.
Help would be much appreciated.
Phil
My network administrator is using some sniffer software that uses SNMP to access SMTP & sendmail on some of my unix machines - he can then send unsolicited mail anonymously or with bogus sender details. I've tried removing the public community in snmpd.conf but to no avail.
Any ideas how I can tighten this up - basically it means that anybody in the know within my LAN can use any unix node to send anonymous messages of malicious intent.
Help would be much appreciated.
Phil
Do I have to?
2 REPLIES 2
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-29-2001 11:24 PM
тАО03-29-2001 11:24 PM
Re: Hole in Sendmail security
Sendmail (or the SMTP protocol in general) offers no means to protect you from users forging email adresses at their will.
It's a problem inherent in the SMTP protocol.
The only thing sendmail (or any MTA like Postfix or qmail) REALLY knows is the IP of the client!
So, based on IP, you can allow or disallow sending.
SNMP has NOTHING to do with this, as well as sniffers. a Simple "telnet mailmachine 25" is all you need to "forge" arbitrary mails.
If you're looking for a more secure and easier to administer replacement for sendmail, investigate www.postfix.org
What is Postfix? It is Wietse Venema's mailer that started life as an alternative to the widely-used Sendmail program.
Postfix attempts to be fast, easy to administer, and secure, while at the same time being sendmail compatible enough to not upset existing users. Thus, the outside has a sendmail-ish flavor, but the inside is completely different.
This software was formerly known as VMailer. It was released by the end of 1998 as the IBM Secure Mailer. From then on it has lived on as Postfix.
It's a problem inherent in the SMTP protocol.
The only thing sendmail (or any MTA like Postfix or qmail) REALLY knows is the IP of the client!
So, based on IP, you can allow or disallow sending.
SNMP has NOTHING to do with this, as well as sniffers. a Simple "telnet mailmachine 25" is all you need to "forge" arbitrary mails.
If you're looking for a more secure and easier to administer replacement for sendmail, investigate www.postfix.org
What is Postfix? It is Wietse Venema's mailer that started life as an alternative to the widely-used Sendmail program.
Postfix attempts to be fast, easy to administer, and secure, while at the same time being sendmail compatible enough to not upset existing users. Thus, the outside has a sendmail-ish flavor, but the inside is completely different.
This software was formerly known as VMailer. It was released by the end of 1998 as the IBM Secure Mailer. From then on it has lived on as Postfix.
Postfix/BIND/Security/IDS/Scanner, you name it...
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-30-2001 01:02 AM
тАО03-30-2001 01:02 AM
Re: Hole in Sendmail security
Thanks for your advice here Ralf - however I'm pretty reluctant to switch the mail software on all my live machines. Am currently looking into the possibility of configuring sendmail to disallow relaying - i.e only processing mail submitted locally - this does at least mitigate the risk. I think I've managed to do so utilising the /etc/sendmail.cw file (at least on my hpux platforms), unfortunately I have the same problem on my Tru64 platforms but haven't as yet worked out how to implement (different sendmail version)
Rgds
Rgds
Do I have to?
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.
News and Events
Support
© Copyright 2024 Hewlett Packard Enterprise Development LP