Tugger the SLUGger!SLUG Mailing List Archives

Re: [SLUG] Configuration of sendmail to only accept mail from localhost


Why do it in ipchains, why not do it in the sendmail.cf file.

Have a look at RH 7.1 or 7.2 (and maybe 7.0), that has localhost-only
access as the default.

On Sun, 12 May 2002 s4565@xxxxxxxxxxx wrote:

> Hi
>
> I am trying to set up ipchains to only allow sendmail to send/process/? mail which is sent from my local machine
> 127.0.0.1(The machine I am running sendmail on).  Currently the default settings from Redhat 7.2 are
>
> [snip]
> :input ACCEPT
> :forward ACCEPT
> :output ACCEPT
> -A input -s 0/0 -d 0/0 25 -p tcp -y -j ACCEPT
> [snip]
>
> in /etc/sysconfig/ipchains
>
> which when I run ipchains --list gives me
>
> ot@shiomi root]# ipchains --list
> [snip]
> Chain input (policy ACCEPT):
> target     prot opt     source                destination           ports
> ACCEPT     udp  ------  dns2.wakwak.com      anywhere              domain ->   1025:65535
> ACCEPT     udp  ------  dns2.wakwak.com      anywhere              domain ->   1025:65535
> ACCEPT     udp  ------  dns1.wakwak.com      anywhere              domain ->   1025:65535
> ACCEPT     tcp  -y----  anywhere             anywhere              any ->   smtp
> [snip]
>
> which to me looks a bit of a worry...I am not sure I like the "any-> smtp" part, does this mean at the moment anyone
> can use my machine to send email?  What I want to know is what do I need to do to both the /etc/sysconfig/ipchains file
> and /etc/sendmail* files to make it so my sendmail program will only process "email send requests"(not sure of the
> right term here) from my local machine 127.0.0.1
>
> Cheers
>
> Tony
>
>

-- 
Howard.
LANNet Computing Associates - Your Linux people
Contact detail at http://www.lannetlinux.com
 "I believe that forgiving them [terrorists] is God's function.
 Our job is simply to arrange the meeting."
   - General "Storm'n" Norman Schwartzkopf