From owner-freebsd-questions@FreeBSD.ORG  Thu Aug 21 02:25:01 2003
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 6795C16A4BF
	for <freebsd-questions@freebsd.org>;
	Thu, 21 Aug 2003 02:25:01 -0700 (PDT)
Received: from smtp.covadmail.net (mx01.covadmail.net [63.65.120.61])
	by mx1.FreeBSD.org (Postfix) with SMTP id 913E643FE3
	for <freebsd-questions@freebsd.org>;
	Thu, 21 Aug 2003 02:25:00 -0700 (PDT)
	(envelope-from strick@covad.net)
Received: (covad.net 5418 invoked from network); 21 Aug 2003 09:24:56 -0000
Received: from unknown (HELO ice.nodomain) (68.164.192.238)
  by sun-qmail07 with SMTP; 21 Aug 2003 09:24:55 -0000
Received: from ice.nodomain (localhost [127.0.0.1])
	by ice.nodomain (8.12.8p1/8.12.8) with ESMTP id h7L9OwAS000704;
	Thu, 21 Aug 2003 02:24:58 -0700 (PDT)
	(envelope-from dan@ice.nodomain)
Received: (from dan@localhost)
	by ice.nodomain (8.12.8p1/8.12.8/Submit) id h7L9Owew000703;
	Thu, 21 Aug 2003 02:24:58 -0700 (PDT)
Date: Thu, 21 Aug 2003 02:24:58 -0700 (PDT)
From: Dan Strick <strick@covad.net>
Message-Id: <200308210924.h7L9Owew000703@ice.nodomain>
To: freebsd-questions@freebsd.org
cc: dan@ice.nodomain
cc: rjhjr@cox.net
Subject: Re: SMTP attempt?
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 21 Aug 2003 09:25:01 -0000

>>>>>>>>>>
> I've been noticing a lot of the following the last week:
> Aug 21 01:00:01 kongemord /kernel: Connection attempt to TCP 127.0.0.1:25
> from 127.0.0.1:1074
> 
> I can't figure out what's trying to connect to the SMTP port. I've got 
> sendmail turned off, so there's nothing listening at port 25. 
> 
> Bob Hall
>>>>>>>>>>

Recent sendmail configurations route all local email through the sendmail
daemon that usually listens on port 25.  There was a "security" reason
for the change.  Since local email is essential, for example for reporting
the results of the "daily" scripts run out of crontab, you should either
reenable your sendmail daemon on port 25 or reconfigure your local email
to not route everything through the daemon.  There are instructions
for doing this somewhere in the sendmail documentation.  I think it
involves hacking /etc/mail/submit.cf.

Note: the sendmail binary that comes with FreeBSD was built with libwrap.a
support.  That means it obeys /etc/hosts.allow and can be told to reject
all non-local connections to port 25.

Dan Strick
strick@covad.net