On 16 Jul 2001, Trond Eivind [iso-8859-1] Glomsrød wrote:
> [EMAIL PROTECTED] writes:
>
> > On 16 Jul 2001, Trond Eivind [iso-8859-1] Glomsrød wrote:
> >
> > > Bsst... it haven been allowing relays for a loong time (RHL 5.0?
> > > Perhaps even earlier).
> >
> > WHOA! Whoa, whoa, whoa!
> > I've been getting flamed for 2 days over wanting RedHat to install an
> > open-relay mailserver.
>
> I think most people thought you meant the "don't accept connections
> from outside your computer" security change.
>
> Installing with open relay is utterly and completely unacceptable, if
> not restricted via firewalls or other measures.
Sorry, I wasn't very clear. I do NOT want an open relay MTA. I meant
that a lot of folks (OK, a couple of folks) on this list have flamed me
for advocating a setup that allows relays. In fact, as you pointed out,
accepting outside connections in no way forces an open relay.
> > Now you're saying that mail relays aren't and weren't a problem. Back
> > to my original question. what reasonable justification is there for not
> > allowing the Mail Transport Agent to receive mail?
>
> Improve security - if a remote exploit is found, this configuration is
> not vulnerable. At the same time, local users can still send mail.
Yeah, they just can't get any. And it sounds like you're fixing a
non-existent problem. I follow CERT pretty closely, and I'm unaware of
any recent exploits against sendmail.
See ya later,
Doc
_______________________________________________
Seawolf-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/seawolf-list
