Security Incidents mailing list archives

Re: sendmail 8.11.0 and port 587/TCP

From: Jose Nazario <jose () BIOCSERVER BIOC CWRU EDU>
Date: Mon, 27 Nov 2000 14:57:32 -0500

it's used for message submission authentication (MSA):

http://www.google.com/search?q=cache:www.perl.jann.com/sendmail/200010/msg00370.html+sendmail+587+tcp+port&hl=en

see your .cf file:

grep DaemonPortOptions /etc/mail.sendmail.cf

O DaemonPortOptions=Name=MTA
O DaemonPortOptions=Port=587, Name=MSA, M=E

and...
in the file doc/op
               That  is,  one way to specify a message sub-
                mission agent  (MSA)  that  always  requires
                authentication is:

                    O DaemonPortOptions=Name=MSA, Port=587, M=Ea

if you don't need it (don't know what it is? aren't using it?) comment
that line out and kill -HUP sendmail's process.

the link above gives you some nice documentation on it. AFAIK it is not a
trojan or a security risk (none yet found AFAIK).

____________________________
jose nazario                                                 jose () cwru edu
                     PGP: 89 B0 81 DA 5B FD 7E 00  99 C3 B2 CD 48 A0 07 80
                                       PGP key ID 0xFD37F4E5 (pgp.mit.edu)

Current thread:

Re: sendmail 8.11.0 and port 587/TCP Jose Nazario (Nov 29)