Date: Fri, 22 Sep 2000 17:32:54 -0600 From: Lyndon Nerenberg <lyndon@orthanc.ab.ca> To: Neil Blakey-Milner <nbm@mithrandr.moria.org> Cc: security@FreeBSD.ORG Subject: Re: sendmail default run state Message-ID: <200009222332.e8MNWt118034@orthanc.ab.ca> In-Reply-To: Your message of "Sat, 23 Sep 2000 00:49:24 %2B0200." <20000923004924.A35072@mithrandr.moria.org>
next in thread | previous in thread | raw e-mail | index | archive | help
>>>>> "Neil" == Neil Blakey-Milner <nbm@mithrandr.moria.org> writes:
Neil> Yeah, it would be nice to offer this, but we can't assure
Neil> ipfw/ipfilter rules, and my knowledge of sendmail
Neil> configuration is dangerous. Is there a way to tell sendmail
Neil> what IP addresses to bind?
Not right now. I'm working on patches that will let you do this. Hopefully
these will be incorporated into the 8.12 release.
Meanwhile, FEATURE(nullclient) gets you most of the way there. You still
have sendmail listening on all your interfaces, but there isn't a whole lot
anyone off the box can do with them.
Neil> If it means rewriting the
Neil> configuration file, we could investigate the use of sed to
Neil> allow us to specify smarthost (DS in sendmail, IIRC) and
Neil> what IP(s) to bind.
No, generate a custom .mc and build a .cf from that. Editing the .cf directly
is akin to patching object decks. (Ya, it's fun, but not very productive :-)
If you really need it, build a point-and-shoot-yourself-in-the-head
gooey front end.
--lyndon (not a gooey fan)
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200009222332.e8MNWt118034>