Other Security Information
No single chapter on security can be fully complete. The subject is so complex and far-ranging that an entire book might not be enough. To augment the information we have given here, we recommend these other important sources:
- http://www.sendmail.org/~gshapiro/
Gregory Shapiro has authored a number of fine papers on sendmail. Of special interest, as of this writing, is Sendmail Security (based on 8.12), a brief document that outlines much of what we have talked about in this chapter, and provides tips we have not covered.
- sendmail/SECURITY
The file sendmail/SECURITY is supplied with the sendmail source distribution and mainly deals with a non-root setup. You should read this file each time you download a new sendmail release.
- http://www.cert.org/
This is the official site for the CERT Coordination Center, which studies Internet security vulnerabilities, handles computer security incidents, and publishes security alerts. This is an excellent site for security information, and it allows you to sign up for a mailing list that can warn you about security incidents.
- http://www.sans.org/
The official site for the SANS Institute, an organization that provides security training and information. This site allows you to subscribe to a mailing list that provides routine digests of security matters.
- Practical Unix & Internet Security
By Simson Garfinkel and Gene Spafford, O’Reilly & Associates, 2nd Edition, 1996, is a comprehensive book on security that includes information ...
Get Sendmail, 3rd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
