Navigate

Check: RHEL-06-000288

Red Hat Enterprise Linux 6 STIG: RHEL-06-000288 (in versions v2 r2 through v1 r14)

Title

The sendmail package must be removed. (Cat II impact)

Discussion

The sendmail software was not developed with security in mind and its design prevents it from being effectively contained by SELinux. Postfix should be used instead.

Check Content

Run the following command to determine if the "sendmail" package is installed: # rpm -q sendmail If the package is installed, this is a finding.

Fix Text

Sendmail is not the default mail transfer agent and is not installed by default. The "sendmail" package can be removed with the following command: # yum erase sendmail

Additional Identifiers

Rule ID: SV-218038r603264_rule

Vulnerability ID: V-218038

Group Title: SRG-OS-000095

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.

Number	Definition
CCI-000366	The organization implements the security configuration settings.
CCI-000381	The organization configures the information system to provide only essential capabilities.

Controls

Controls tied to check. These are derived from the CCIs shown above.

Number	Title
CM-6	Configuration Settings
CM-7	Least Functionality