From owner-freebsd-questions@FreeBSD.ORG  Mon Sep 25 06:12:18 2006
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
X-Original-To: questions@freebsd.org
Delivered-To: freebsd-questions@FreeBSD.ORG
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id CD5D916A417
	for <questions@freebsd.org>; Mon, 25 Sep 2006 06:12:18 +0000 (UTC)
	(envelope-from m.seaman@infracaninophile.co.uk)
Received: from smtp.infracaninophile.co.uk (ns0.infracaninophile.co.uk
	[81.187.76.162])
	by mx1.FreeBSD.org (Postfix) with ESMTP id EA90543D45
	for <questions@freebsd.org>; Mon, 25 Sep 2006 06:12:17 +0000 (GMT)
	(envelope-from m.seaman@infracaninophile.co.uk)
Received: from [IPv6:::1] (localhost [IPv6:::1])
	by smtp.infracaninophile.co.uk (8.13.8/8.13.8) with ESMTP id
	k8P6BoFs009695; Mon, 25 Sep 2006 07:11:51 +0100 (BST)
	(envelope-from m.seaman@infracaninophile.co.uk)
Authentication-Results: smtp.infracaninophile.co.uk
	from=m.seaman@infracaninophile.co.uk; sender-id=softfail;
	spf=softfail
X-SenderID: Sendmail Sender-ID Filter v0.2.14 smtp.infracaninophile.co.uk
	k8P6BoFs009695
Message-ID: <45177321.2070903@infracaninophile.co.uk>
Date: Mon, 25 Sep 2006 07:11:45 +0100
From: Matthew Seaman <m.seaman@infracaninophile.co.uk>
Organization: Infracaninophile
User-Agent: Thunderbird 1.5.0.7 (X11/20060915)
MIME-Version: 1.0
To: Robert C Wittig <wittig.robert@sbcglobal.net>
References: <E6429B1C-2FD8-4B84-95D5-04A3D492C970@rawb.net>	<20060924214248.GC6395@zloy.stilyagin.com>	<B98F1608-D071-4EB9-BED3-1E6ACEA137CB@rawb.net>
	<45171839.9020804@sbcglobal.net>
In-Reply-To: <45171839.9020804@sbcglobal.net>
X-Enigmail-Version: 0.94.0.0
Content-Type: multipart/signed; micalg=pgp-sha256;
	protocol="application/pgp-signature";
	boundary="------------enigF93EC4F0F21D68A73E21156F"
X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-2.0.2
	(smtp.infracaninophile.co.uk [IPv6:::1]);
	Mon, 25 Sep 2006 07:12:11 +0100 (BST)
X-Virus-Scanned: ClamAV 0.88.4/1934/Mon Sep 25 05:28:46 2006 on
	happy-idiot-talk.infracaninophile.co.uk
X-Virus-Status: Clean
X-Spam-Status: No, score=-2.6 required=5.0 tests=AWL,BAYES_00,
	DKIM_POLICY_TESTING,NO_RELAYS autolearn=ham version=3.1.5
X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on 
	happy-idiot-talk.infracaninophile.co.uk
Cc: Rob Gabaree <lists@rawb.net>, questions@freebsd.org
Subject: Re: Do I need to completely disable sendmail?
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 25 Sep 2006 06:12:19 -0000

This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
--------------enigF93EC4F0F21D68A73E21156F
Content-Type: text/plain; charset=ISO-8859-15
Content-Transfer-Encoding: quoted-printable

Robert C Wittig wrote:
> Rob Gabaree wrote:
>> Thanks.
>>
>> What I did was remove all lines except `sendmail_enable=3D"NO"` and in=

>> /etc/mail/aliases, I setup the root alias to goto my real email addres=
s:
>>
>> root user@mydomain.com
>>
>> I setup my firewall to block incoming/outgoing email on ports 21/25 as=

>> well, so no one on the outside can access mail services.
>>
>> It seems to be working correctly, as I received mail as it was ran to
>> my @mydomain.com email.
>>
>> Does this seem ok?  Did I do anything wrong?
>=20
> I run OpenBSD on my mailservers, but I expect that the sendmail works
> basically the same.
>=20
> In /etc/rc.conf or its FreeBSD equivalent, check the sendmail line to
> see if it references localhost.cf or sendmail.cf
>=20
> localhost.cf will permit internal mail on the machine, so that root can=

> send messages to your everyday UID, etc., but will not permit mail to b=
e
> sent to or received from, the Internet, or other machines in you LAN.
>=20
> sendmail.cf will permit full Internet email, but even this will not
> permit Internet email, unless your machine has a fully Qualified Domain=

> Name, which is registered with your domain registrar, and has the
> Registrar's MX setting configured properly.

Uh -- the way OpenBSD deals with sendmail is a bit different to the way
FreeBSD does.

Under FreeBSD, rc.conf settings are used to prevent sendmail from
listening on any network interfaces than the loopback.  Otherwise
exactly the same sendmail.cf would be used for either case.  FreeBSD
also has all of the machinery required to rebuild the .cf files from
the .mc files setup and available directly from /etc/mail.  The system
defaults to creating $(hostname).mc and $(hostname).submit.mc files if
none exist already and then turning those into sendmail.cf and submit.cf

	Cheers,

	Matthew

--=20
Dr Matthew J Seaman MA, D.Phil.                       7 Priory Courtyard
                                                      Flat 3
PGP: http://www.infracaninophile.co.uk/pgpkey         Ramsgate
                                                      Kent, CT11 9PW


--------------enigF93EC4F0F21D68A73E21156F
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (FreeBSD)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFFF3Mm8Mjk52CukIwRCCg+AJ4o4gI9683r7ztvAjvIEDsn19xGGgCfb1OJ
9R6eE4EBqxUpA4Daj0jQ3SY=
=ivGD
-----END PGP SIGNATURE-----

--------------enigF93EC4F0F21D68A73E21156F--