Am 21.04.2014 09:12, schrieb Dan Thurman:
On 04/20/2014 02:00 PM, Dan Thurman wrote:
I have F8 and F18. F8 is not affected by HB and F18 is HB
fixed (recompiled) and certificates regenerated. Both Fedora
versions have the same "open-relay" issues and both have
similar or nearly identical sendmail.mc configurations.
You are seriously running 2 obsolete Fedora releases as MTAs exposed to
the public net? Setup security patched platforms for public hosts.
Here is my sendmail.mc file and
let me know if there is a problem?:
<snip!>
DAEMON_OPTIONS(`Port=smtp, Name=MTA')dnl
Drop 1 below:
DAEMON_OPTIONS(`Family=inet, Port=465, Name=MTA-SSL M=s')dnl
Add 2 below:
DAEMON_OPTIONS(`Port=submission, Name=MSA, M=Ea')dnl
DAEMON_OPTIONS(`Port=smtps, Name=TLSMTA, M=s')dnl
So far, the spamming stopped...
You changes are random an do not explain why spammers were/are able to
misuse your Sendmail.
DAEMON_OPTIONS(`Family=inet, Port=465, Name=MTA-SSL M=s')dnl
and
DAEMON_OPTIONS(`Port=smtps, Name=TLSMTA, M=s')dnl
are equal. There is no functional difference. And offering the
additional daemon on the submission port and enforcing authentication
for that service just adds a function and does not fix anything
previously configured.
In fact using submission on port 587 with STARTTLS is the right thing
instead of the obsoleted SMTPS on port 465.
Alexander
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org
