We now turn our attention from security problems to security features. Many security features are discussed in the various README files supplied with the sendmail source distribution. In this section, we discuss the most common security features:
The
T
configuration command (classt
) defines which users are allowed to use the-f
command-line switch to override the sender address with one of their own, and which users are allowed to rebuild the aliases database.The smrsh program replaces /bin/sh as the program run by the
prog
delivery agent to execute programs. The smrsh program is simple yet immensely valuable. We recommend that it be routinely installed on all your machines. The smrsh program is described in detail in The smrsh Program on page 379.Several options can be used to tighten security and to provide reports of security violations.
The /etc/shells file prevents ordinary users from running programs on your mail server.
Get sendmail, 4th Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.