Date:      Wed, 29 Sep 2004 16:00:49 -0400
From:      epilogue <epilogue@allstream.net>
To:        Ronj_clark@yahoo.com
Cc:        freebsd-questions@freebsd.org
Subject:   Re: sendmail question
Message-ID:  <20040929160049.31494bf7@localhost>
In-Reply-To: <20040929145351.28b8af1e.wmoran@potentialtech.com>
References:  <20040929132215.56551a88.wmoran@potentialtech.com> <20040929183642.76738.qmail@web52504.mail.yahoo.com> <20040929145351.28b8af1e.wmoran@potentialtech.com>

On Wed, 29 Sep 2004 14:53:51 -0400
Bill Moran <wmoran@potentialtech.com> wrote:

> Ronnie Clark <ronj_clark@yahoo.com> wrote:
> > Bill, 
> > 
> > Thanks for the response. Here is the last entry in the
> > maillog file:
> > 
> > Sep 29 03:01:48 src@rc_gcux sendmail[1204]:
> > i8T81lo5001204: to=root, delay=00:00:00,
> > xdelay=00:00:00, mailer=relay, pri=31632,
> > relay=[127.0.0.1], dsn=4.0.0, stat=Deferred:
> > Connection refused by [127.0.0.1]
> > 
> > This makes sense that the log says what it does since
> > I have sendmail_enable="NONE". What I am asking is if
> > there is a way to not have this file at all since
> > there is no need to send any mail of any kind from
> > this server. Make sense?
> 
> Not really.
> 
> A lot of stuff in FreeBSD uses email for notifications and the like.
> A few examples are cron (which will email the output of cron jobs) and
> periodic.  If you want to disable _all_ mail delivery, you'll need to
> track down all of these utilities and either a) prevent them from
> running or b) arrange for notifications from them to be sent via some
> other means.

hello ron,

while this may not catch everything, it is a good and reasonable (imho)
start.

1) add the following lines to /etc/periodic.conf:
daily_output="/var/log/daily.log"
weekly_output="/var/log/weekly.log"
monthly_output="/var/log/monthly.log"
daily_status_security_output="/var/log/security.log" 

2) be sure that these logs exist.  if they don't, 'touch' them.

3) the following in rc.conf:
sendmail_enable="NONE"
syslogd_enable="YES"
syslogd_flags="-ss"    # read the man page, if you want details
inetd_enable="NO"     # <- only if you're not running any inet services

4) reboot or shutdown.  upon restart, examine 'netstat -n | grep -i list'
for output.  if you get any output, it is for services that are 'listening'.
deal with those, as you see fit.

5) if you ever need to send mail from this host, use one of the clients
which have their own MTAs integrated (ex. sylpheed).  while such CLI
clients may exist, i am only aware of the gui clients.

while it doesn't cover everything (firewalls in particular), this is a very good
article, if you're looking to start locking down this machine:

http://www.onlamp.com/pub/a/bsd/2002/08/08/FreeBSD_Basics.html

hth.


cheers,
epi


> I don't know that a comprehensive list of these applications has ever
> been compiled, but I think disabling them and mail delivery is A Bad
> Idea (tm) because you're pretending you're smarter than 30 years of
> Unix system administrators' combined experience.
> 
> The Right Thing To Do (tm) is to set sendmail_enable="NONE" (or
> replace sendmail with ssmtp) and configure the "root" account to
> forward to your email account so you can properly receive these
> informative emails.  If you're not familiar with sendmail or
> uncomfortable with it doing anything, check out the handbook page
> on replacing it with ssmtp:
> http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/mail.html
> 
> HTH.
> 
> > --- Bill Moran <wmoran@potentialtech.com> wrote:
> > 
> > > Ronnie Clark <ronj_clark@yahoo.com> wrote:
> > > 
> > > > Hello all, 
> > > > 
> > > > I am building a central syslog server. I am seeing
> > > > sendmail related items in the maillog file, even
> > > > though I have sendmail_enable="NONE" in my
> > > > /etc/rc.conf file. Is there a way to turn off any
> > > > resemblance of an MTA on a FreeBSD system? Or, is
> > > > there a way to turn on a localhost MTA but not have it
> > > > actively listen on a port? (in this case tcp 587)
> > > 
> > > sendmail_enable="NONE" should disable it totally.
> > > 
> > > sendmail_enable="NO" should allow local submission
> > > only.
> > > 
> > > You could also install something like ssmtp to
> > > replace sendmail.
> > > 
> > > What kind of log messages are you getting?
> > > 
> > > -- 
> > > Bill Moran
> > > Potential Technologies
> > > http://www.potentialtech.com
> > > 
> > 
> > _______________________________________________
> > freebsd-questions@freebsd.org mailing list
> > http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> > To unsubscribe, send any mail to
> > "freebsd-questions-unsubscribe@freebsd.org"
> 
> 
> -- 
> Bill Moran
> Potential Technologies
> http://www.potentialtech.com
> 
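
Added example, not part of the original message or of FreeBSD itself: an sh check for steps 1-4 of the reply above. It reports rc.conf values that differ from the ones listed and periodic.conf outputs that do not name an existing file (periodic treats a value that does not start with / as a mail address). The function names, the file-path arguments and the use of 'netstat -an' output as input to mail_listeners are assumptions of this example.

```sh
#!/bin/sh
# Added example (not from the thread): audit the settings from steps 1-4.
# File paths are arguments so the check can run against copies.

# get_var FILE NAME: print the last value assigned to NAME in FILE,
# with surrounding quotes and any trailing comment stripped.
get_var() {
    sed -n "s/^[[:space:]]*$2=\"\{0,1\}\([^\"#]*\)\"\{0,1\}.*/\1/p" "$1" 2>/dev/null |
        sed 's/[[:space:]]*$//' | tail -n 1
}

# audit_nomail RC_CONF PERIODIC_CONF: print findings, return their count.
audit_nomail() {
    bad=0
    while read -r name want; do
        got=$(get_var "$1" "$name")
        [ "$got" = "$want" ] && continue
        echo "rc.conf: $name is '${got:-unset}', expected '$want'"
        bad=$((bad + 1))
    done <<EOF
sendmail_enable NONE
syslogd_enable YES
syslogd_flags -ss
EOF
    for name in daily_output weekly_output monthly_output \
                daily_status_security_output; do
        log=$(get_var "$2" "$name")
        case $log in
            /*) [ -f "$log" ] && continue
                echo "periodic.conf: $name target $log is missing (touch it)" ;;
            *)  echo "periodic.conf: $name='${log:-unset}' is not a file path" ;;
        esac
        bad=$((bad + 1))
    done
    return "$bad"
}

# mail_listeners: read FreeBSD 'netstat -an' output on stdin and print the
# local addresses still listening on the SMTP (25) or submission (587) port.
mail_listeners() {
    awk '$NF == "LISTEN" && $4 ~ /[.:](25|587)$/ { print $4 }'
}
```

On the host itself this would be run as: audit_nomail /etc/rc.conf /etc/periodic.conf; netstat -an | mail_listeners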



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040929160049.31494bf7>