> What could be so insecure about using sendmail localy? > Don't start the daemon, so it is not listening... > Or the firewall will block the port anyway... > If the mail is sent to a trusted mail server, there is no risks. > Am I missing something? > On a hardened, production, well configured server that strategy would simply be a part of a "Defence-in-Depth" security strategy. What's the worst that could happen?