Feb 25, '03 06:24:00AM • Contributed by: Anonymous
I tried it on MacOS 10.2.4 and it worked. I hope this helps..
|
|
|
Disable EXPN and VRFY in Sendmail to increase security
Feb 25, '03 06:24:00AM • Contributed by: Anonymous
I've found this tip on burningvoid.com's Infrequently Asked Questions page. EXPN and VRFY are two sendmail flags that can compromise the security of your mail server (assuming you've enabled it in OS X). This page describes both variables' functions a bit more fully, and explains how to disable them in sendmail's config file.
I tried it on MacOS 10.2.4 and it worked. I hope this helps..
•
[5,469 views]
Hint Options
Install qmail
Install qmail
unfortunately, qmail is also very difficult to install. It's not by any means easy to use. It may be secure but it's needlessly complex... You have to create a bevy of users, plop a gaggle of files all over your system, and then start to configure the beast... what a pain! I tried for nearly a week to get qmail to work. When it still didn't, sendmail and its 30 mins of configuring looked awfully attractive, even if it is slow. Speed doesn't matter when it's just serving a few hundred messages per day.
telnet must be enabled for these to be abused
From the explanation, it seems clear that telnet must be enabled for these to be a security hole. Since recent versions of OS X have telnet disabled by default, this doesn't strike me as a big issue for your average OS X user/admin.
telnet must be enabled for these to be abused
Telnet is disabled by default only in the sense that someone can't telnet to port 23 and shell into an account on your Mac. However, if you are running sendmail, someone still can telnet to port 25 (SMTP) and do an EXPN or VRFY.
mc option?
I use m4 to generate sendmail.cf. Which command should be used to change PrivacyOptions? define(`confPRIVACY_OPTIONS', `noexpn novrfy')
doesn't work. |
SearchFrom our Sponsor...Latest Mountain Lion HintsWhat's New:HintsNo new hintsComments last 2 daysLinks last 2 weeksNo recent new linksWhat's New in the Forums?
Hints by TopicNews from Macworld
From Our Sponsors |
|
Copyright © 2014 IDG Consumer & SMB (Privacy Policy) Contact Us All trademarks and copyrights on this page are owned by their respective owners. |
Visit other IDG sites: |
|
|
|
Created this page in 0.48 seconds |
|