Date:      Tue, 19 Nov 1996 05:48:02 -0500 (EST)
From:      Thomas David Rivers <ponds!rivers@dg-rtp.dg.com>
To:        marcs@znep.com, ponds!Grizzly.COM!markd
Cc:        ponds!freebsd.org!freebsd-hackers
Subject:   Re: sendmail without DNS (was: Re: BoS: Exploit for sendmail smtpd bug (ver. 8.7-8.8.2).)
Message-ID:  <199611191048.FAA04689@lakes.water.net>

> 
> As I mentioned before, and should have mentioned again when I moved it to
> -hackers, that still does not prevent sendmail from trying to use DNS in
> all cases.  I've tried it.  Quite a bit. 
> 
> I have tried nocanonify, nodns, a service.switch file and perhaps a few
> other things that I can't remember right now, but sendmail still tries to
> do DNS lookups.  The last time this discussion came through the conclusion
> was that the only way to change this was to recompile sendmail.  AFAIK,
> that is still the case.

 My experience exactly!  If you read the sendmail documentation, you'll
find a statement to that effect...  It was previously claimed that 
nocanonify and nodns together would cause sendmail to not use DNS, but
it didn't work for me either.

 I had to recompile sendmail to not use DNS...

 I did investigate what it took to run DNS, but it quickly degraded
into a mess for me - my machine wants to participate in 3 different
domains at the same time, and reading the DNS/BIND book on how
to do this left me without a solution...

 I'd suggest recompiling :-)

	- Dave Rivers -

> 
> On Mon, 18 Nov 1996, Mark Diekhans wrote:
> 
> > >[moved to -hackers from security.  It started with a discussion of
> > >sendmail with uucp; I stated that sendmail still tries to use DNS no
> > >matter how you configure it and you have to recompile it to make it stop.]
> > >
> > >On Mon, 18 Nov 1996, Robert Shady wrote:
> > >
> > >> > Incorrect.  It RUNS without DNS but still TRIES to use it.  If you really
> > >> > don't have IP connectivity, then the difference doesn't matter because it
> > >> > still works when the lookup fails, however it still does try and the
> > >> > difference does matter if you have partial IP connectivity.  I have a
> > >> > system setup with nocanonify and all the other config file tweaks I know
> > >> > of, and it still tries to use DNS as a tcpdump shows quite clearly.  This
> > >> > system is running 8.7.5, so things may have been changed in more recent
> > >> > versions but I can't say for sure; if this has changed in more recent
> > >> > versions, please let me know.
> > >> > 
> > >> > I _think_ the define that needs to be set to 0 is NAMED_BIND, but don't
> > >> > recall for sure.  This has been gone over before on the lists.
> > 
> > I disabled the use of DNS by sendmail by adding the file /etc/service.switch
> > containing the line:
> > 
> > hosts	files
> > 
> 
> 
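
The thread's test for whether a configuration really stopped sendmail's DNS use is a packet capture. The following is an added example, not part of the original messages: it scans `tcpdump -n` text output for DNS queries sent by the mail host. The addresses, names and capture lines are constructed, and the line format is assumed to be tcpdump's usual text output.

```python
import re

# Matches a DNS query line in `tcpdump -n` text output, with or without the
# leading "IP"/"IP6" token that newer tcpdump versions print.
QUERY = re.compile(
    r"^\S+ (?:IP6? )?(?P<src>\S+)\.(?P<sport>\d+) > "
    r"(?P<dst>\S+)\.(?P<dport>\d+): \d+[+%]* (?:\[[^\]]*\] )?"
    r"(?P<qtype>[A-Z0-9]+)\? (?P<name>\S+)"
)


def dns_queries_from(lines, host):
    """Return (qtype, name) for each DNS query sent by `host` to port 53."""
    found = []
    for line in lines:
        m = QUERY.match(line.strip())
        if m and m["src"] == host and m["dport"] == "53":
            found.append((m["qtype"], m["name"]))
    return found


# Constructed capture: the mail host 192.0.2.10 sends two queries, receives
# one answer, and opens an SMTP connection; another host sends one query.
SAMPLE = """\
12:00:01.100000 IP 192.0.2.10.1047 > 192.0.2.53.53: 4242+ MX? mail.example.org. (34)
12:00:01.150000 IP 192.0.2.53.53 > 192.0.2.10.1047: 4242 1/0/0 MX mx.example.org. 10 (66)
12:00:01.200000 IP 192.0.2.10.1048 > 192.0.2.53.53: 4243+ A? mx.example.org. (32)
12:00:02.000000 IP 192.0.2.10.1050 > 198.51.100.25.25: Flags [S], seq 1, win 512, length 0
12:00:03.000000 IP 192.0.2.77.2000 > 192.0.2.53.53: 9+ A? other.example.org. (35)
""".splitlines()

if __name__ == "__main__":
    hits = dns_queries_from(SAMPLE, "192.0.2.10")
    for qtype, name in hits:
        print(f"DNS query from mail host: {qtype} {name}")
    print("DNS still in use" if hits else "no DNS queries seen")
```

An empty result only means no queries appeared in that capture, so the capture has to span an actual delivery attempt.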


