October 11, 2001, 12:45 PM — Last month, I started this
series on sendmail 8.9.3 with the intention of pointing out the
advantages of upgrading to this more secure version that includes
antispam and antirelaying features. Little did I know at the time
that the release of the Melissa virus would demonstrate the value of
using an open source mail system such as sendmail. Accompanying the
release of the CERT advisory regarding the virus was a method for
filtering out the affected mail with sendmail -- even though sendmail
wasn't the target in this case.
Aside from the Melissa virus, some of the systems I support were recently
subjected to a surprise audit. The firewall that was running sendmail
8.9.3 thwarted every mail attack, in many cases because the source
address was invalid. The auditors made quite an issue over the fact
that systems not yet upgraded to sendmail 8.9.3 permitted mail
relaying and were subject to spamming. The upgrade is in progress.
To continue where I left off last month, I'll describe the sendmail
configuration file and explain the template file that works for me on
my firewall. I use a variation of this template in most places with a
few changes, depending on how I want to route mail. Generally, I do not
recommend that the firewall handle routing to multiple mail gateways;
if one of the mail gateways goes down, it can cause a denial-of-service
problem on the firewall. I recommend that the firewall just
send all mail for the company to one master mail gateway on the
internal DMZ. This system can handle subdomain routing. This way, if
the mail system gets flooded, other firewall services can still
function. To keep things simple, I'll just describe the configuration
file for the firewall.
The configuration file
Now comes the fun part -- creating the configuration file. I generate a
new one every time I update sendmail to verify that I can create one
from scratch, if required. This is not as complicated as it sounds,
providing I have a template file that reflects my local configuration.
Too often, I have seen sites with a legacy sendmail
cf file that was
originally written by an administrator who left the company years ago.
This configuration file usually becomes a hopelessly confusing set of
redundant and conflicting rules that the current staff is afraid to
clean up. I have found it much easier, in the long run, to start from
scratch and create a new file. You will have to do this anyway if you are
running a much older version of sendmail. While there is effort
required in doing this the first time, subsequent releases are much
easier because you can use the same template file.