[buug] Blocking sendmail
f.johan.beisser
jan at caustic.org
Wed Sep 18 16:24:54 PDT 2002
On Wed, 18 Sep 2002, Bill Honeycutt wrote:
> Before the catcalls start, let me say that I know that I shouldn't have
> sendmail running when I should be using one of the many perfectly good
> substitutes.
why substitute?
i run sendmail, have for the last few years. i've found it to be very very
good.
> But I have is running on one machine. I filter packets such that only
> localhost can connect, all others packets are rejected. So imagine my
> surprise to see the following in my process status output:
>
> > ps ax
> >
> >... stuff deleted...
> >
> > 2896 ? S 0:00 sendmain: ./g8G7DAJ26233 gateway4.worldnet.att.net:
> >
odd. what do your firewall rules say?
blaming sendmail for something like this is kind of foolish, it might be a
bad configuration after all.
> Yikes!! All packets from both the localnet and DMZ are disallowed, so
> the question becomes, "has someone found an innovative way to use my
> sendmail daemon?"
probably not. you'd need to check the sendmail config file, and go through
/var/spool/mqueue. take a look at the mail headers and body.
> Thanks in advance!
change your cf file to only handle local mail. take a look at the (now
standard) localhost.cf file in a few different BSD distributions.
http://www.openbsd.org/cgi-bin/cvsweb.cgi/src/gnu/usr.sbin/sendmail/cf/cf/openbsd-localhost.mc?rev=1.4&content-type=text/x-cvsweb-markup
so, generate the localhost.cf file from the mc with m4, and away you go.
-------/ f. johan beisser /--------------------------------------+
http://caustic.org/~jan jan at caustic.org
"John Ashcroft is really just the reanimated corpse
of J. Edgar Hoover." -- Tim Triche
More information about the buug
mailing list