Hello, we have one customer who was victim of a CEO fraud. Some of his employees got a message from the email address of the CEO with the order to send xx money to a specific bank account. Now we found out that it is possible to send email with sendmail at centos/blueonyx (also other distributions) from an existing email address to an existing email address. Example: telnet 208.77.xx.xx 25 MAIL FROM:[email protected] 250 2.1.0 [email protected]... Sender ok RCPT TO: email@example.com 250 2.1.5 [email protected]... Recipient ok DATA Some content for example send money to yx . 250 2.0.0 w0PBbxN1026335 Message accepted for delivery QUIT 221 2.0.0 sol.xxx closing connection Connection closed by foreign host. Unfortunately it is not only possible from the same to the same user. It is also possible from an (at the server existing) email address to an (at the server existing) email address. Does someone else did see something similar. In my opinion in days with CEO fraud it is a security issue.