Date: Fri, 22 Sep 2000 14:12:34 -0600 From: Warner Losh <imp@village.org> To: Neil Blakey-Milner <nbm@mithrandr.moria.org> Cc: security@FreeBSD.ORG, Peter Wemm <peter@netplex.com.au> Subject: Re: sendmail default run state Message-ID: <200009222012.OAA70984@harmony.village.org> In-Reply-To: Your message of "Fri, 22 Sep 2000 21:56:16 %2B0200." <20000922215616.A33103@mithrandr.moria.org> References: <20000922215616.A33103@mithrandr.moria.org> <200009100358.e8A3wUG76071@netplex.com.au> <200009100415.e8A4F4G76156@netplex.com.au> <20000910154357.A78311@mithrandr.moria.org>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <20000922215616.A33103@mithrandr.moria.org> Neil Blakey-Milner writes: : I personally would really like 'sendmail_outbound_only="YES"' to be the : default in /etc/defaults/rc.conf, with an option in sysinstall's Network : Services for turning it on/off. I like this a lot. We have several machines in the Village that ARE NOT FOR EMAIL (caps ment to describe the tone of voice we have when we talk about them). These machiens generate email all the time, but should never receive email. We solve this problem with a simple cron job that runs once a day after the daily/weekly/monthly scripts run to deal with failures to send those right away. Speaking of daily logs, I was wondering. Let's say I have 100 machines that are in my network. All of them send root mail to me. I spool the message to a folder, but rarely read them because the volume is so large. Does anybody have a tool that would read them and report things outside the normal? I had thought (and have tried) a daily diff, but that works well for some things (like passwordless accounts, say), but poorly for others (suid files changing, disk usage, etc). I'd like to be able to setup a filter that will look at each message and tell me if it is out of the ordinary. Or if a machine goes quiet. With 10 machines I notice which ones I'm missing, but with 100 I don't notice. Has anybody implemented something like this? Warner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200009222012.OAA70984>