A serious flaw has been found in Sendmail that could allow an attacker to take control of an SMTP server running a vulnerable version of the software. A remote attacker could send malicious data at certain time intervals, which can corrupt arbitrary stack memory and let the attacker gain control of the server.
This security hole affects all Linux and Unix versions of Sendmail 8 up to version 8.13.5. Microsoft Windows versions of Sendmail are not affected. Sendmail has released a new version, 8.13.6, to fix this problem, and patches for earlier versions are also available at their FTP site.
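To triage an inventory against the version range above, the following added example (not part of the original post) classifies a Sendmail version string taken from an SMTP greeting or from the output of `sendmail -d0.1 -bv root`. The function names, labels and sample lines are constructed for illustration.

```python
import re

# Range taken from the post: Sendmail 8 up to 8.13.5 is affected, 8.13.6 is fixed.
FIXED = (8, 13, 6)

# Matches "Sendmail 8.13.5/8.13.5" in an SMTP greeting and "Version 8.13.5"
# in the first line printed by `sendmail -d0.1 -bv root`.
VERSION_RE = re.compile(r"(?:Sendmail|Version)\s+(\d+)\.(\d+)\.(\d+)")


def parse_version(text):
    """Return the first Sendmail version found in text as an int tuple, or None."""
    m = VERSION_RE.search(text)
    return tuple(int(part) for part in m.groups()) if m else None


def triage(text):
    """Classify one banner or version line against the range in the post."""
    version = parse_version(text)
    if version is None or version[0] != 8:
        return "unknown"  # banner hidden, not Sendmail, or not Sendmail 8
    # Tuples compare numerically, so 8.13.10 sorts after 8.13.6
    # (a plain string comparison would get this wrong).
    if version < FIXED:
        # Patches exist for earlier versions, so a patched build can still
        # report an old number: confirm the patch level on the host itself.
        return "affected-range"
    return "fixed"


# Constructed sample input: hostnames, dates and versions are made up.
SAMPLES = [
    "220 mx1.example.com ESMTP Sendmail 8.13.5/8.13.5; Mon, 1 Jan 2007 10:00:00 GMT",
    "220 mx2.example.com ESMTP Sendmail 8.13.10/8.13.10; Mon, 1 Jan 2007 10:00:00 GMT",
    "Version 8.12.11",
    "220 mx3.example.com ESMTP Postfix",
]

if __name__ == "__main__":
    for line in SAMPLES:
        print(f"{triage(line):15} {line}")
```

A result of `affected-range` means the host needs a closer look rather than that it is definitely exploitable, because a build with the patch applied may still report its original version number.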
If your server is running Sendmail, I highly recommend patching or upgrading it. It is the most popular MTA but unfortunately has a history of serious security problems. If possible, I recommend switching to another MTA such as Postfix, Exim or Qmail, which are more modular in design and were built with security in mind. My personal favorite is Qmail and all of my SMTP servers are running it. I’d previously written a guide, Email Server Installation Checklist, which you might find helpful while installing a new server or switching from Sendmail to other software. If you want a secure, out-of-the-box SMTP server, then SME Server can be a good choice.