RedHat security advisory for sendmail

Discuss installation of Scalix software

Moderators: ScalixSupport, admin

Posts: 5503
Joined: Thu Mar 25, 2004 8:15 pm

RedHat security advisory for sendmail

Postby ScalixSupport » Wed Mar 22, 2006 12:51 pm

Today, RedHat issued a security advisory for a potential remote exploit when using sendmail with RHEL3 and RHEL4.

The details can be found at

For Scalix customers, this shouldn't cause too much concern as, by default, the SMTP Relay is listening on the external IP address and sendmail should only be listening on the localhost ( ) address.

However, the errata will provide a new and with .rpmnew extensions. Usual practice is that customers should analyse the differences between the original and the .rpmnew versions and apply any changes to the .rpmnew version. They should then copy the .rpmnew version over the original.

If you have configured a milter such as SpamAssassin, you will need to re-apply the changes as documented in the technote. Details are at

After copying the .rpmnew version over the original, you should run the Scalix command

Code: Select all

to re-apply the Scalix-specific rules.

Once that is complete, restart sendmail with

Code: Select all

/etc/init.d/sendmail restart

Customers that are currently using the dual IP address solution from previous SpamAssassin technotes should take the time to read the new technote as there is no longer any need to have that dual IP solution in place. The SMTPFILTER option to smtpd.cfg has been available since 9.4.

If there are any questions, please post them to the forum.



Return to “Installation”

Who is online

Users browsing this forum: No registered users and 1 guest