Tugger the SLUGger!SLUG Mailing List Archives

Re: [SLUG] Sendmail Startup


<quote who="Malcolm Johnston">

> I don't use "sendmail" for emailing, I just have the default "pop/smtp"
> for that.

In that case, get rid of it. :-) To allow daemons and whatnot to send mail
from the machine, use something like nullmailer, which just forwards to an
SMTP server of your choice.

> And yes, I realize "rsh" is insecure (although any access to my second
> machine requires a login and password; you can't perform any
> non-interactive "rsh <command>" type operations).

But that's 99% of the reason why it's insecure: You're passing user/pass
over the wire in plain text, for everyone to see. Not to mention all your
data going over the wire, again in plain text for everyone to see...

Additionally, Slackware as a distro and organisation doesn't exactly have
fantastic security support...

Just some thoughts,

- Jeff

-- 
OSCON 2007: Portland OR, USA        http://conferences.oreillynet.com/oscon/
 
     "You can't just find cake. Cake isn't naturally occuring." - Penny
                                   Arcade