This is NOT a warranty that these versions of sendmail are secure. In fact, I believe that sendmail is terribly bloated and has a design fundamentally incompatible with what one wants in a good MTA for internet mail these days. (Not that that's bad or anything, it was written an infinite amount of time ago in internet-years, and worked well then; but many things have changed since then.) I recommend using postfix instead. But since sendmail came with your OS, it's probably easier, which is why a lot of people use it, indeed why I use it on some of the unix machines under my wing, and probably why you're reading this web page.
In most cases below you'll find some pre-compiled binaries, i.e. some versions of the sendmail software which I compiled on appropriate computers and I'm making available here. I also don't recommend these! You really shouldn't install binaries you get from random people on the net. If you know me personally, it might be ok to take software from me. But instead, why don't you compile it yourself from the source.
Contents:
Irix
Solaris
Linux, especially Red Hat
Sun OS 4.1.x
For some reason they state that sendmail 8.9.3 requires irix 6.5.x, but this
is absolutely false and is patronizing at best.
Their patch requires irix 6.5.x,
but you can build your own sendmail 8.9.3
just fine on irix 5.3 or 6.2.
You should use 8.9.3 on any machine which is running a sendmail smtp listener.
Irix makes sendmail listen (i.e. receive mail) by default.
If this machine is not supposed to receive mail from the
internet (and has an MX record) (see relay.html),
you have to edit /etc/init.d/mail to remove the
"-bd" in two places (but leave the "-q15m").
I have some old notes on using irix's sendmail 8.6.12,
especially with respect to how to accomplish the
"forward-everything" configuration, but I strongly recommend upgrading to at
least 8.8.8 for security reasons, especially since there's an easy patch
available.
My irix sendmail 8.9.3 directory contains a gzipped
sendmail 8.9.3 binary, a suitable forward-everything sendmail.cf for irix (uids tweaked etc), and
a compiled copy of gnu-m4 which you'll need on older versions of irix to
generate the sendmail.cf.
You can't use Sun's sendmail.cf files with a real sendmail 8.9.3.
Actually I don't recommend Sun's sendmail 8.9.3 at all, they did a bunch of
weird things. Use the real one.
I have a pre-compiled binary, gzipped.
(You can get gzip from sunfreeware.com to ungzip it. You want gzip anyway.)
I recommend using those lines in /etc/sysconfig/sendmail for any computer
which is not supposed to have mail delivered to it from the net.
Red Hat 5.2 can't install the rh6.0 sendmail rpm, so I built
sendmail 8.9.3 on a redhat 5.2 machine.
That directory contains a gzipped sendmail binary and a sendmail.cf file.
I'd assume you can use the makemap and other stuff which came with
redhat 5.2's sendmail 8.8.7.
Irix
SGI has released a "patch" file which upgrades you to sendmail 8.8.8 for irix
5.3 and 6.2, and a patch file which upgrades you to sendmail 8.9.3 for 6.5.x
only.
Solaris
Maybe get sendmail 8.9.3 from
sunfreeware.com.
Alternatively, it's easy enough to build, at least on solaris 7+, after you
install gcc from sunfreeware.com...
the build aborts when it gets to some of the man pages or m4 stuff (I forget
which, it's one or the other on various platforms), but you
can use the generic-solaris2.cf file which comes with the sendmail 8.9.3
distribution just fine, you don't even have to m4 it.
Linux, especially Red Hat
Red Hat Linux 6.0 and later comes with sendmail 8.9.3, which is recommended.
Red Hat Linux 5.2 comes with sendmail 8.8.7, possibly with some patches, which
I believe is acceptable for security reasons but not for
anti-spam-relay reasons.
If you don't have it listening for incoming smtp connections then you might be
ok with 8.8.7.
You can cause it not to listen on the net without modifying
/etc/rc.d/init.d/sendmail, by simply putting the lines
DAEMON=no
QUEUE=1h
in /etc/sysconfig/sendmail .
I strongly recommend this over modifying /etc/rc.d/init.d/sendmail,
because this way your
configuration info won't be lost in upgrades.
Sun OS 4.1.x
I've heard that sendmail 8.8.8+ is unstable on sunos 4.x.
I think that this depends on whether you have some particular patch installed.
I don't know about it.
Your sunos machines are probably not your mail servers anyway, at least not
any more.
You can stop sendmail from listening on port 25 by removing the "-bd" flag
from the invocation of /usr/lib/sendmail in /etc/rc.local.
If you leave in the "-q15m" (or whatever time interval it's set to), then
outgoing mail will still work fine.
And if /var/spool/mail is an nfs-mount from your real mail server, then MUAs
will work fine.
If you're using the sun-supplied sendmail, you can use my
forward-everything sendmail.cf for sun's sunos sendmail.
stuff about
e-mail transport, under construction
Alan J Rosenthal,
sometimes known as flaps