5

I have a web application server running Ubuntu. The Application is built in Python/Django, but does not have any specific use cases to send email. We have log management software that allows us to check all logs, so we don't have any need for emailing logs or any such stuff.

We have tried to harden this box, but I noticed sendmail was installed & running plus I see "sendmail MTA : Accepting connections" when I "ps -ef | grep sendmail". A bit scary.

From a security aspect am I better of uninstalling sendmail (and postfix, for that matter) - because emails don't seem to be needed at all. If at all its essential, they need to be outgoing-only. Or is there an aspect of Linux that has a dependency on emails (I can think of git config, django admin accounts etc).

blispr
  • 159
  • 5
  • Security is the main concern here ; my experience with sendmail is limited (and outdated) - is it normal to leave it running (maybe in outgoing mode only)? . At the same time, I don't want to break things in the box by removing sendmail. – blispr Jan 09 '15 at 19:59
  • Why not just stop the service and prevent it from starting up on boot? – Mike B Jan 15 '15 at 17:51
  • Stopping the service would be an option. However, as @NathanC pointed out below , some (non-critical) things could break as a result of stopping sendmail. I was getting a feel for what the dependencies were, before deciding on the security trade-off. – blispr Jan 22 '15 at 12:31

1 Answers1

9

No, it's not required to have, but you break some things by not having it (like logrotate). It's easier to just use iptables and block the ports.

Nathan C
  • 15,059
  • 4
  • 43
  • 62