Majordomo-Users: Re: Any point disabling 'who'?

Majordomo-Users
(November 1997)

Indexed By Thread: [Previous] [Next]

Subject:	Re: Any point disabling 'who'?
From:	"Mathias-H. Weber" <mweber @ atlas . de>
Organization:	STN Atlas Elektronik GmbH
Date:	Wed, 19 Nov 1997 13:29:09 +0100
To:	majordomo-users @ GreatCircle . COM
References:	<Pine.SGI.3.96.971118152538.29774A-100000@gollum.southern.net>

Hello,

seems this topic is of interest for many of us. Given no privacy options
in the sendmail.cf file provides very poor security.  The sendmail book
of Brian Costales (O'Reilly) reccommends to add the following line to
the sendmail.cf file: 

	Opgoaway,restrictmailq,restrictqrun

This setting disables the "expn" and the "vrfy" SMTP commands, requires
other sites to identify themselves before sending mail, and also limits
access to the mail queue directory.

This should help avoid most security problems
Mathias

-- 
__________________________________________________________________
| Dr. Mathias-H. Weber          ---     mailto:mweber@atlas.de   |
| STN ATLAS ELEKTRONIK GmbH   {~@_@~}                            |
| Brueggeweg 54 / Dept ETS21  _( Y )_   Phone:  +49 421 457 4401 |
| 28305 BREMEN               (:_~*~_:)  Fax  :  +49 421 457 3177 |
| Germany                     (_)-(_)   Telex:  2 457 460        |
___________________________SIGSIG: Signature too long (core dumped)

Follow-Ups:

Re: Any point disabling 'who'?
From: Rich Pieri <rich.pieri@prescienttech.com>

References:

Any point disabling 'who'?
From: David Coles <davidc@southern.com>

Indexed By Date	Previous:	Re: Any point disabling 'who'? From: Nils Koesters <nils.koesters@stir.ac.uk>
Indexed By Date	Next:	Re: Any point disabling 'who'? From: robi@fluffyspider.com.au (Robi Karp)
Indexed By Thread	Previous:	Re: Any point disabling 'who'? From: Jason L Tibbitts III <tibbs@hpc.uh.edu>
Indexed By Thread	Next:	Re: Any point disabling 'who'? From: Rich Pieri <rich.pieri@prescienttech.com>