Thanks to all that responded (list below) and for doing so with the speed
that allowed me to get us back up and running in just a few days. The
consensus was "Get the $%^&* off that version of sendmail. It is full of
security holes." Everyone pointed out that any time I spent would not be
wasted because I should do this on the new system and the configuration
files could be used my new 2.7 box.
I was able to compile sendmail 8.9.3 with only one small problem. I don't
have groff but another search of the SunManagers archives gave me the clue
to change the configure file to use nroff. I don't know if I can read the
man pages, but it allowed the compile to complete without errors which is
all I cared about. I had to add all my PC's to either the relay-domains
file or an access.db file so they would be allowed to relay mail through the
server. I created both because the first few I tested needed one or the
other so to save time I did both. Everyone uses some form of Outlook as
their email client with either POP3 or IMAP connections. I am going to do
some real testing over this weekend to see if I can't do away with some of
that.
I have only one other hurdle to overcome which is my roaming users. I have
the POPAUTH information from the Sendmail.org page which should allow this.
Some of the scripts I want to use are Perl and I can't get it to compile on
the SunOS 4.1.3 system. Since that is a separate issue I will be submitting
another question about that. I am also including links that I found very
helpful.
Thanks to:
Karl Vogel, Richard Bond, Brett Lymn, Richard Bond, Chris Marble, Rick
Kelly, Chad Price, Claudio Cuestas
Original Message:
------------------
We have a new Solaris 2.7 system we will be deploying in about two weeks
because we knew of the security issues but the spam mail jerks couldn't
wait. They got to us on Thursday and we have been put on some Blacklist
already. Is there any easy way to stop this using the current version of
sendmail that Sun distributes for Solaris 1. I believe it is 8.6. I have
downloaded 8.9.3 and will try to compile and configure it, but it just seems
like such a waste of time.
Helpful links:
----------------
RFC 2505: Anti-Spam Recommendations
ftp://ftp.isi.edu/in-notes/rfc2505.txt
Anti-Spam Provisions in Sendmail 8.8
http://www.sendmail.org/antispam.html
* Preventing relaying through your SMTP port
* Refuse mail from selected hosts
* Restrict mail acceptance from certain users to avoid mailbombing
Blocking Email
http://www.nepean.uws.edu.au/users/david/pe/blockmail.html
* Do you or your users, receive "junk email" (aka., "spam")
* Do you have Sendmail R8.8.5 running at your site?
* Would you like to block known "junk email" senders' addresses?
QMail source plus docs
http://www.qmail.org/
Sendmail source code
ftp://ftp.cs.berkeley.edu/pub/sendmail
BIND source code
ftp://ftp.isc.org/isc/bind/
SENDMAIL install script
http://www.freshmeat.net
search for install sendmail
Instructions for Installing 8.8.8 and with anti-relay rules
http://www3.hmc.edu/docs/coolstuff/sendmail
SMAP - A public domain firewall toolkit
www.fwtk.org
http://www.fwtk.org/fwtk/patches/patches.html#2.2
-- Linda Cygan Manager of System Administration Western Printing Machinery Company EMail: lcygan@wpm.com 9229 Ivanhoe Street Phone: (847) 678-1741 Ext.8620 Schiller Park, Il 60176 Fax : (847) 678-6176
This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:14:04 CDT