Date: Fri, 21 Jun 2002 00:28:04 -0400 (EDT)
From: Jason Hunt <jhunt@lynden.on.ca>
To: freebsd-questions@FreeBSD.ORG
Subject: Re: sendmail broken with 4.6-RELEASE upgrade
Message-ID: <20020621001335.V40748-100000@lethargic.dyndns.org>
In-Reply-To: <20020620224649.A6452@disturbed.org>

On Thu, 20 Jun 2002, Mike Benjamin wrote:

> The obvious fix is just to run -bd -q30m and open a TCP port, but I
> would like to avoid this method at all costs. There (in theory) is no
> need to listen on a TCP port to achieve my desired mail delivery
> methods.
>

I'm not really clear myself on how these two programs interact. I would think that they would use a socket, but maybe they are making a connection on port 25 to the localhost? I would assume that the latter is the case, since opening the port makes it work, correct?

So, if this is the case, could you block inbound TCP port 25 connections on your NIC? If it was a connection to the localhost, it would not pass through the NIC. You could write your rules something like this:

- allow everything on lo0
- allow inbound established packets on xl0 (or whatever your NIC is)
- deny inbound packets on tcp port 25
- allow everything (the rest of it)

I might be missing something, I'm not sure. Does this make sense?
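
The rule order listed in the message above, as an added example that is not part of the original e-mail: a first-match evaluation of the four rules over constructed TCP packets. The ipfw rule text is an assumption (the message names no firewall), `xl0` is the NIC name used in the message, and every packet is a constructed sample.

```python
from dataclasses import dataclass

NIC = "xl0"  # interface name taken from the message


@dataclass(frozen=True)
class Packet:            # constructed sample traffic, TCP only
    iface: str           # interface the packet crosses
    direction: str       # "in" or "out" relative to this host
    dst_port: int
    flags: frozenset     # TCP flags set on the packet


# (assumed ipfw rule text, predicate); checked top to bottom, first match wins.
RULES = [
    ("allow ip from any to any via lo0",
     lambda p: p.iface == "lo0"),
    # A stateless "established" test only looks for ACK or RST on the packet.
    (f"allow tcp from any to any in via {NIC} established",
     lambda p: p.iface == NIC and p.direction == "in"
     and bool(p.flags & {"ACK", "RST"})),
    (f"deny tcp from any to any 25 in via {NIC}",
     lambda p: p.iface == NIC and p.direction == "in" and p.dst_port == 25),
    ("allow ip from any to any",
     lambda p: True),
]


def verdict(pkt):
    """Return (action, rule_text) for the first rule that matches pkt."""
    for text, matches in RULES:
        if matches(pkt):
            return text.split()[0], text
    return "deny", "(no rule matched)"


SAMPLES = {
    "local submit to 127.0.0.1:25": Packet("lo0", "out", 25, frozenset({"SYN"})),
    "remote SYN to port 25": Packet(NIC, "in", 25, frozenset({"SYN"})),
    "outbound SYN to remote MX": Packet(NIC, "out", 25, frozenset({"SYN"})),
    "SYN+ACK reply from remote MX": Packet(NIC, "in", 49152,
                                           frozenset({"SYN", "ACK"})),
    # Passes rule 2 on flags alone; it cannot open a session, since the SYN
    # that would start one is denied by rule 3.
    "stray ACK to port 25": Packet(NIC, "in", 25, frozenset({"ACK"})),
}

if __name__ == "__main__":
    for name, pkt in SAMPLES.items():
        action, rule = verdict(pkt)
        print(f"{action:5}  {name:30}  [{rule}]")
```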