A lot of sendmail security comes down to you. Sendmail 8 is much
more careful about checking for security problems than previous
versions, but there are some things that you still need to watch
for. In particular:
- Make sure the aliases file isn't writable except by trusted
system personnel. This includes both the text and database
- Make sure that other files that sendmail reads, such as the
mailertable, are only writable by trusted system personnel.
- The queue directory should not be world writable PARTICULARLY
if your system allows "file giveaways" (that is, if a non-root
user can chown any file they own to any other user).
- If your system allows file giveaways, do not create a publically
writable directory for forward files. This will allow anyone
to steal anyone else's e-mail. Instead, create a script that
copies the .forward file from users' home directories once a
night (if you want the non-NFS-mounted forward directory).
- If your system allows file giveaways, you'll find that
sendmail is much less trusting of :include: files -- in
particular, you'll have to have /SENDMAIL/ANY/SHELL/ in
/etc/shells before they will be trusted (that is, before
files and programs listed in them will be honored).
In general, file giveaways are a mistake -- if you can turn them
off, do so.