Since I have little or no knowledge of Unix (other than the names of various processes)... I am submitting this post to the Unix gurus.

I'm trying to satisfy the auditing group with a basic explanation of why "sendmail" should not be listed as a "forbidden" process on all Unix boxes. The information I have found thus far points out that there are patches available that make sendmail more secure (in addition to disabling a couple of parameters). I have sent them information that the Unix boxes in the area I work in use sendmail as a way to communicate/forward mail with each other internally. SNMP community names also get flagged by audit (but that's another issue).

I am looking for information (other than CIAC advisories) that describes how sendmail can be exploited and what actions are needed to resolve the vulnerability. Any input is greatly appreciated...

Thanks.