If sendmail is not required on AIX, the sendmail service must be disabled.
An XCCDF Rule
Description
The sendmail service has many historical vulnerabilities and, where possible, should be disabled. If the system is not required to operate as a mail server i.e. sending, receiving or processing e-mail, disable the sendmail daemon.
- ID
- SV-215353r958478_rule
- Version
- AIX7-00-003047
- Severity
- Medium
- References
- Updated
Remediation Templates
A Manual Procedure
In "/etc/rc.tcpip", comment out the "sendmail" entry by running command:
# chrctcp -d sendmail