RHEL 9 must not have the sendmail package installed.

STIG ID: RHEL-09-215020  |  SRG: SRG-OS-000480-GPOS-00227 |  Severity: medium |  CCI: CCI-000366,CCI-000381 |  Vulnerability Id: V-257827

Vulnerability Discussion

The sendmail software was not developed with security in mind, and its design prevents it from being effectively contained by SELinux. Postfix must be used instead.

Satisfies: SRG-OS-000480-GPOS-00227, SRG-OS-000095-GPOS-00049

Check

Verify that the sendmail package is not installed with the following command:

$ sudo dnf list --installed sendmail

Error: No matching Packages to list

If the "sendmail" package is installed, this is a finding.

Fix

Remove the sendmail package with the following command:

$ sudo dnf remove sendmail