From owner-freebsd-questions@FreeBSD.ORG Wed Dec 13 20:32:26 2006 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id B788716A519 for ; Wed, 13 Dec 2006 20:32:26 +0000 (UTC) (envelope-from tuaregmex@gmail.com) Received: from wr-out-0506.google.com (wr-out-0506.google.com [64.233.184.239]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4769243DA7 for ; Wed, 13 Dec 2006 20:30:21 +0000 (GMT) (envelope-from tuaregmex@gmail.com) Received: by wr-out-0506.google.com with SMTP id i28so152171wra for ; Wed, 13 Dec 2006 12:31:46 -0800 (PST) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:references; b=KyWzAul3eM+DhQ9gDZdWJs3HFtXElLE4vKxM0cfdiihvsxS8/sfxBthwoGDPI6SXaJSuUllZiyzMEf/nlZDPIAc+pSa0Vi7RYrCCSf5amn2JerdWwJa1FSeoDL8FjGNkFqUX9iq1cWMCZg/PAOaSwBmdnIvU9YvcqhPpdnLwPKQ= Received: by 10.78.204.1 with SMTP id b1mr975429hug.1166041905693; Wed, 13 Dec 2006 12:31:45 -0800 (PST) Received: by 10.78.161.19 with HTTP; Wed, 13 Dec 2006 12:31:45 -0800 (PST) Message-ID: <7a4a15bd0612131231q3fd8e9eat198da67d41cbef48@mail.gmail.com> Date: Wed, 13 Dec 2006 14:31:45 -0600 From: Tuareg To: Lane In-Reply-To: <200612131333.20652.lane@joeandlane.com> MIME-Version: 1.0 References: <20061206034909.27125.qmail@web37214.mail.mud.yahoo.com> <200612081139.27993.lane@joeandlane.com> <7a4a15bd0612131112x25e1cc4mcfb85843edcf596@mail.gmail.com> <200612131333.20652.lane@joeandlane.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: freebsd-questions@freebsd.org Subject: Re: how do I see security logs without turning on sendmail? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 13 Dec 2006 20:32:26 -0000 On 12/13/06, Lane wrote: > > Tuareg, > > What happens when you do this: > > telnet localhost telnet localhost 25 Trying 127.0.0.1... telnet: connect to address 127.0.0.1: Operation timed out telnet: Unable to connect to remote host Does the connection time out? Or do you get a sendmail prompt? Yes, the connection time out. No, I don't get the sendmail prompt, because there is no sendmail running. ps axwww | grep sendmail 47237 p0 R+ 0:00.00 grep sendmail I'm sort of mixed up on the order of the posts, here. But let me see if I > can > rephrase the problem .... and then possibly help you find a solution ... > > It seems to me that the problem is that you cannot determine how to make > FreeBSD 6.x do like other hosts under your influence, so that it will send > email from root@localhost to another (possibly a hub) server? Is that > correct? Yes, we have older versions of FreeBSD (4.x and 5.x) running on remote servers where we can't interrupt the service, in this servers, we can send e-mails to our main e-mail server, were we get reports of scripts. In those servers, we don't have running sendmail, look: ps axwww | grep sendmail 19702 p0 D+ 0:00.00 grep sendmail % %telnet localhost 25 Trying 127.0.0.1... telnet: connect to address 127.0.0.1: Permission denied telnet: Unable to connect to remote host But, we are able to send emails: mail -v user@main.server.com Subject: Test Testing from FreeBSD 4.6-RELEASE . EOT user@main.server.com... Connecting to main.server.com via esmtp... 220 main.server.com ESMTP >>> EHLO server.FreeBSD.4.6-RELEASE 250-main.server.com Hello 250-8BITMIME 250-SIZE 31457280 250-ETRN 250-DSN 250 PIPELINING >>> MAIL From: SIZE=78 250 Sender OK >>> RCPT To: 250 Recipient OK >>> DATA 354 Enter your message, followed by a dot on a line by itself >>> . 250 AYQ81844 Message accepted for delivery user@main.server.com... Sent (AYQ81844 Message accepted for delivery) Closing connection to main.server.com >>> QUIT 221 main.server.com Goodbye First I assume that these other FreeBSD installations are also using > sendmail. > If that is NOT correct then your best hope is to replicate your mta > configuration from those other hosts. In fact that might not be a bad > idea > regardless of what they are running :) You are right, all this installations are also using sendmail. But again, assuming you want to run sendmail and ONLY allow the localhost to > transmit out to another host for collection and/or distribution, enter > this > value into /etc/rc.conf: > > sendmail_enable="NO" > > Now edit /etc/mail/freebsd.mc. Locate the term "SMART_HOST," uncomment > that > line, and enter the IP address or fully qualified domain name of your > upstream server in place of 'your.isp.mail.server' > > Note: If 'your.isp.mail.server' is NOT resolvable on the localhost, then > you > must use the IP address. When you use the IP address, you must put it in > [square brackets], like [192.168.2.1]. > > Now from /etc/mail, type > > make all install > > then shutdown and restart the server using your method of choice, or just > type > > /etc/rc.d/sendmail restart > > And try to send email again. All should work now. > > But you must remember to configure the TARGET mail server to allow this > host > to send. I'll leave that as an exercise for you. > > lane Have some doubts... about this procedure.. I'm going to explain why.... In this server (from the example, server.FreeBSD.4.6-RELEASE, where we can send e-mail, but sendmail it's not running, rc.conf contains: sendmail_enable="NONE", sendmail it's not running: ps axwww | grep sendmail 19702 p0 D+ 0:00.00 grep sendmail And how I showed you in this messages, we are able to send messages, well.. root can do it, as a normal user I can't: mail -v user@main.server.com Subject: TEST Testing from FreeBSD 4.6-RELEASE . EOT collect: Cannot write ./dfkBDJDkW19705 (bfcommit, uid=xxx): Permission denied queueup: cannot create queue temp file ./tfkBDJDkW19705, uid=xxx: Permission denied The older sysadmin who made this configuration with FreeBSD 4.6-RELEASE, quit the job and didn't leave any documentation, a how to, nothing, were he explain how he did this. That's the reason why we are looking to repeat this configuration with FreeBSD 6.1-RELEASE, but couldn't do it.. yet. Thank you for your help.