No single chapter on security can be fully complete. The subject is
so complex and far-ranging that an entire book might not be enough.
To augment the information we have given here, we recommend these
other important sources:
Shapiro has authored a number of fine papers on
sendmail. Of special interest, as of this
writing, is Sendmail Security (based on 8.12), a
brief document that outlines much of what we have talked about in
this chapter, and provides tips we have not covered.
The file sendmail/SECURITY is supplied with the
sendmail source distribution and mainly deals
with a non-root setup. You should read this file
each time you download a new sendmail release.
This is the official site for the CERT Coordination Center, which
studies Internet security vulnerabilities, handles computer security
incidents, and publishes security alerts. This is an excellent site
for security information, and it allows you to sign up for a mailing
list that can warn you about security incidents.
The official site for the SANS Institute, an organization that
provides security training and information. This site allows you to
subscribe to a mailing list that provides routine digests of security
- Practical Unix & Internet Security
By Simson Garfinkel and Gene Spafford,
O'Reilly & Associates, 2nd Edition, 1996, is a
comprehensive book on security that includes information about many
versions of Unix. It contains information about network security that
is germane to sendmail administration.
- Other web sources
Any of your favorite search engines can be used to find additional
material about computer security in general, email security, and
sendmail security in specific.