From: Mikhail Goriachev
Date: Tue, 22 May 2007 11:12:56 +1000
To: Maxim Khitrov
Cc: freebsd-questions@freebsd.org
Subject: Re: Sendmail ignores hosts.allow

Maxim Khitrov wrote:
> On 5/21/07, doug wrote:
>> sendmail_enable="NO" means there is no sendmail daemon running. You can verify
>> this via "ps -aux | grep sendmail". Remove that statement. Without a reboot you
>> can start sendmail by cd /etc/mail; make start.
>>
>> Unless you have changed the freebsd.mc file and done a 'make install' I do not
>> believe sendmail will accept from any connections except on 127.0.0.1
>> (localhost). This is what you want I think. If that's it as others have said,
>> there is no reason to use the hosts.allow mechanism. This is independent of the
>> jail environment.
>>
>> sockstat|grep sendmail
>>
>> and you can see what's going on.
>>
>
> Not the case for me, having sendmail_enable="NO" and not having it in
> rc.conf results in the same behavior. Here's sendmail rcvar output:

Same behaviour because sendmail_enable="NO" is already present in
/etc/defaults/rc.conf so putting it in /etc/rc.conf or removing it from
there is the same thing.

> Without sendmail_enable in rc.conf:
> # sendmail
> $sendmail_enable=NO
> # sendmail_submit
> $sendmail_submit_enable=YES
> # sendmail_clientmqueue
> $sendmail_msp_queue_enable=YES
>
> With sendmail_enable="NO":
> # sendmail
> $sendmail_enable=NO
> # sendmail_submit
> $sendmail_submit_enable=YES
> # sendmail_clientmqueue
> $sendmail_msp_queue_enable=YES
>
> With sendmail_enable="NONE":
> # sendmail
> $sendmail_enable=NO
> # sendmail_clientmqueue
> $sendmail_msp_queue_enable=NO
>
> So the first two are identical (I don't see why they wouldn't be). As
> for the sendmail daemon, here's what grep tells me after the server is
> started:
>
> root@vps [/]# ps -aux | grep sendmail
> smmsp 16473 0.0 0.1 3384 2276 ?? IsJ 4:47PM 0:00.00
> sendmail: Queue runner@00:30:00 for /var/spool/clientmqueue (sendmail
> root 20951 0.0 0.1 3484 2480 ?? SsJ 5:37PM 0:00.00
> sendmail: accepting connections (sendmail)
> root 21303 0.0 0.0 1592 912 pn S+J 5:37PM 0:00.00 grep sendmail
>
> And here's sockstat output:
>
> root@vps [/]# sockstat -l4
> USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS  FOREIGN ADDRESS
> root     sendmail   20951 4  tcp4   :25            *:*
> root     syslogd    45182 6  udp4   :514           *:*
> root     sshd       60371 3  tcp4   :22            *:*
>
> As you can see, sendmail is happily listening for all incoming
> connections with the "NO" setting. If it would only listen on
> localhost, then that would be the end of my problems. However,
> remember that the jail environment doesn't have localhost. In other
> words 127.0.0.1 does not refer to the jail. Loopback for me is the
> server's wan ip (hey that rhymes :), which is why I think that not
> having 127.0.0.1 may be confusing to sendmail.

There you go. You just answered yourself.

-- 
Mikhail Goriachev
Webanoide

Telephone: +61 (0)3 62252501
Mobile Phone: +61 (0)4 38255158
E-Mail: mikhailg@webanoide.org
Web: www.webanoide.org
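
Added example (not part of the original message): a small sh/awk filter that automates the sockstat check used in the thread, listing TCP listeners on a given port that are bound to anything other than 127.0.0.1. The function name exposed_listeners and both sample tables (addresses from the 192.0.2.0/24 documentation range, PIDs 812 and 790) are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original thread.
#
# exposed_listeners PORT
#   Reads `sockstat -l4` output on stdin (columns: USER COMMAND PID FD PROTO
#   LOCAL FOREIGN) and prints "COMMAND PID LOCAL" for each tcp4 listener on
#   PORT whose local address is anything other than 127.0.0.1.
exposed_listeners() {
    awk -v port="$1" '
        $5 != "tcp4" { next }             # skips the header row and udp4
        {
            n = split($6, part, ":")      # LOCAL is addr:port
            if (part[n] != port) next
            # Everything before the final ":port" is the bind address
            # ("*" for a wildcard, empty if the address was elided).
            addr = substr($6, 1, length($6) - length(part[n]) - 1)
            if (addr != "127.0.0.1") print $2, $3, $6
        }'
}

# Constructed sample: a jail whose only address is 192.0.2.10, so the
# listener that would sit on loopback on a plain host sits on that address.
sample_jail() {
    cat <<'EOF'
USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS   FOREIGN ADDRESS
root     sendmail   20951 4  tcp4   192.0.2.10:25   *:*
root     syslogd    45182 6  udp4   192.0.2.10:514  *:*
root     sshd       60371 3  tcp4   192.0.2.10:22   *:*
EOF
}

# Constructed sample: a non-jailed host where sendmail is loopback-only.
sample_host() {
    cat <<'EOF'
USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS   FOREIGN ADDRESS
root     sendmail   812   4  tcp4   127.0.0.1:25    *:*
root     sshd       790   3  tcp4   *:22            *:*
EOF
}

echo "jail, port 25: $(sample_jail | exposed_listeners 25)"
echo "host, port 25: $(sample_host | exposed_listeners 25)"
```

On a live system the same filter takes the real table: sockstat -l4 | exposed_listeners 25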