Date: Mon, 21 May 2007 20:44:48 -0400 From: "Maxim Khitrov" <mkhitrov@gmail.com> To: freebsd-questions@freebsd.org Subject: Re: Sendmail ignores hosts.allow Message-ID: <26ddd1750705211744o5cc1189xa729c97636a32f41@mail.gmail.com> In-Reply-To: <20070521201142.Y86945@fledge.watson.org> References: <26ddd1750705211537j78ed83fdm921f7f5e5df5c4@mail.gmail.com> <46522BE0.4080407@webanoide.org> <26ddd1750705211652q500f95a1t15280ca017ed46df@mail.gmail.com> <20070521201142.Y86945@fledge.watson.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 5/21/07, doug <doug@fledge.watson.org> wrote: > sendmail_enable="NO" means there is no sendmail daemon running. You can verify > this via "ps -aux | grep sendmail". Remove that statement. Without a reboot you > can start sendmail by cd /etc/mail; make start. > > Unless you have changed the freebsd.mc file and done a 'make install' I do not > believe sendmail will accept from any connections except except on 127.0.0.1 > (localhost). This is what you want I think. If that's it as others have said, > there is no reason to use the hosts.allow mechanism. This is independent of the > jail environment. > > sockstat|grep sendmail > > and you can see whats going on. > Not the case for me, having sendmail_enable="NO" and not having it in rc.conf results in the same behavior. Here's sendmail rcvar output: Without sendmail_enable in rc.conf: # sendmail $sendmail_enable=NO # sendmail_submit $sendmail_submit_enable=YES # sendmail_clientmqueue $sendmail_msp_queue_enable=YES With sendmail_enable="NO": # sendmail $sendmail_enable=NO # sendmail_submit $sendmail_submit_enable=YES # sendmail_clientmqueue $sendmail_msp_queue_enable=YES With sendmail_enable="NONE": # sendmail $sendmail_enable=NO # sendmail_clientmqueue $sendmail_msp_queue_enable=NO So the first two are identical (I don't see why they wouldn't be). As for the sendmail daemon, here's what grep tells me after the server is started: root@vps [/]# ps -aux | grep sendmail smmsp 16473 0.0 0.1 3384 2276 ?? IsJ 4:47PM 0:00.00 sendmail: Queue runner@00:30:00 for /var/spool/clientmqueue (sendmail root 20951 0.0 0.1 3484 2480 ?? SsJ 5:37PM 0:00.00 sendmail: accepting connections (sendmail) root 21303 0.0 0.0 1592 912 pn S+J 5:37PM 0:00.00 grep sendmail And here's sockstat output: root@vps [/]# sockstat -l4 USER COMMAND PID FD PROTO LOCAL ADDRESS FOREIGN ADDRESS root sendmail 20951 4 tcp4 <ip>:25 *:* root syslogd 45182 6 udp4 <ip>:514 *:* root sshd 60371 3 tcp4 <ip>:22 *:* As you can see, sendmail is happily listening for all incoming connections with the "NO" setting. If it would only listen on localhost, then that would be the end of my problems. However, remember that the jail environment doesn't have localhost. In other words 127.0.0.1 does not refer to the jail. Loopback for me is the server's wan ip (hey that rhymes :), which is why I think that not having 127.0.0.1 may be confusing to sendmail. - Max
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?26ddd1750705211744o5cc1189xa729c97636a32f41>