From owner-freebsd-security  Fri Sep 22 17:11:46 2000
Delivered-To: freebsd-security@freebsd.org
Received: from ns1.sunesi.net (ns1.sunesi.net [196.15.192.194])
	by hub.freebsd.org (Postfix) with ESMTP id EF9CE37B423
	for <security@freebsd.org>; Fri, 22 Sep 2000 17:11:41 -0700 (PDT)
Received: from nbm by ns1.sunesi.net with local (Exim 3.03 #1)
	id 13ccuV-0009MB-00; Sat, 23 Sep 2000 02:11:19 +0200
Date: Sat, 23 Sep 2000 02:11:19 +0200
From: Neil Blakey-Milner <nbm@mithrandr.moria.org>
To: Nate Williams <nate@yogotech.com>
Cc: Warner Losh <imp@village.org>, security@FreeBSD.ORG,
	Peter Wemm <peter@netplex.com.au>
Subject: Re: sendmail default run state
Message-ID: <20000923021119.A35919@mithrandr.moria.org>
References: <20000922215616.A33103@mithrandr.moria.org> <200009100358.e8A3wUG76071@netplex.com.au> <200009100415.e8A4F4G76156@netplex.com.au> <20000910154357.A78311@mithrandr.moria.org> <200009222012.OAA70984@harmony.village.org> <200009230001.SAA20358@nomad.yogotech.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Mailer: Mutt 1.0.1i
In-Reply-To: <200009230001.SAA20358@nomad.yogotech.com>; from nate@yogotech.com on Fri, Sep 22, 2000 at 06:01:32PM -0600
Organization: Sunesi Clinical Systems
X-Operating-System: FreeBSD 3.3-RELEASE i386
X-URL: http://rucus.ru.ac.za/~nbm/
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On Fri 2000-09-22 (18:01), Nate Williams wrote:
> > : I personally would really like 'sendmail_outbound_only="YES"' to be the
> > : default in /etc/defaults/rc.conf, with an option in sysinstall's Network
> > : Services for turning it on/off.
> > 
> > I like this a lot.  We have several machines in the Village that ARE
> > NOT FOR EMAIL (caps ment to describe the tone of voice we have when we 
> > talk about them).  These machiens generate email all the time, but
> > should never receive email.  We solve this problem with a simple cron
> > job that runs once a day after the daily/weekly/monthly scripts run to 
> > deal with failures to send those right away.
> 
> I don't understand the issue.  I've got machines, and I just never
> startup sendmail, but it sends email out just fine using the
> null-client sendmail setup for 'locally' generated email.
> 
> This limits the sendmail connections to a known server, and doesn't
> require sendmail to listen on port 25.
> 
> What am I missing?

How do you enable nullclient from rc.conf?

What happens if your smarthost server goes down - when does sendmail
check your queue again?

Two different issues - sendmail for queueing and delivery, but not
listening to network, and sendmail with smarthost.  We can emulate the
first in the rc system, but not obviously easily the second.

Neil
-- 
Neil Blakey-Milner
Sunesi Clinical Systems
nbm@mithrandr.moria.org


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message