Sendmail: Theory and Practice, Second Edition
A comprehensive guide to the nooks and crannies of Sendmail, the most-popular electronic mail utility for those using Unix-based servers.
TABLE OF CONTENTS Sendmail: Theory and Practice, Second Edition
Appendix H: Blaming Sendmail
This is a description of the "Don't Blame Sendmail" options available in Sendmail as of the publication date of this edition. We present them here for your knowledge. Recalling the old saying, "a little knowledge is a dangerous thing," we've also explained the reasons why these are dangerous settings to tamper with. Knowing full-well that some of our readers will take this as a challenge, all we can do is take up the slightly modified refrain, "Don't Blame Us."
| safe | |
| No special handling (do not set options that weaken security). This is the default. It should be left as the default. If you change it well, you know who not to blame. | |
| GroupWritableAliasFile | |
| Allow group-writable alias files. Usually, alias files and other map files are only writeable by the e-mail account. Allowing other people in the e-mail group id to edit these files is convenient. [a] But, the greater the number of editors of a file, the greater the likelyhood of errors. Also, if any one of the accounts in the e-mail group id is violated, these files are vulnerable to attack. | |
| WorldWritableAliasFile | |
| Allow "world-writable" alias files. Anyone who has an account on the computer can edit the alias files. This is similar to the previous option, only infinitely worse. While there may be ( may be) a system administration readon for GroupWritableAliasFile, using this is just, plain reckless. | |
| LinkedAliasFileInWritableDir | |
| Allow an alias file that is a link in a writable directory. If... |
Copyright Butterworth-Heinemann 2002 under license agreement with Books24x7
