From owner-freebsd-security Tue Sep 10 6:54:23 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 82BCB37B400 for ; Tue, 10 Sep 2002 06:54:16 -0700 (PDT) Received: from host185.dolanmedia.com (host185.dolanmedia.com [209.98.197.185]) by mx1.FreeBSD.org (Postfix) with SMTP id B49EA43E6E for ; Tue, 10 Sep 2002 06:54:15 -0700 (PDT) (envelope-from greg.panula@dolaninformation.com) Received: (qmail 57462 invoked by uid 0); 10 Sep 2002 13:54:14 -0000 Received: from greg.panula@dolaninformation.com by proxy with qmail-scanner-0.96 (. Clean. Processed in 0.401772 secs); 10 Sep 2002 13:54:14 -0000 X-Qmail-Scanner-Mail-From: greg.panula@dolaninformation.com via proxy X-Qmail-Scanner-Rcpt-To: freebsd-security@FreeBSD.ORG,zaunere@yahoo.com X-Qmail-Scanner: 0.96 (No viruses found. Processed in 0.401772 secs) Received: from unknown (HELO mail.dolanmedia.com) (10.1.1.23) by host185.dolanmedia.com with SMTP; 10 Sep 2002 13:54:14 -0000 Received: from dolaninformation.com (10.1.1.135) by mail.dolanmedia.com (Worldmail 1.3.167); 10 Sep 2002 08:54:14 -0500 Message-ID: <3D7DF985.5C41C075@dolaninformation.com> Date: Tue, 10 Sep 2002 08:54:13 -0500 From: Greg Panula Reply-To: greg.panula@dolaninformation.com Organization: Dolan Information Center Inc X-Mailer: Mozilla 4.76 [en] (X11; U; Linux 2.2.12 i386) X-Accept-Language: en MIME-Version: 1.0 To: freebsd-security@FreeBSD.ORG Cc: Hans Zaunere Subject: Re: asmtp 587 - quickie faq submission References: <20020906230716.99501.qmail@web12808.mail.yahoo.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hmm, this original email/question is a good example why a security-questions@freebsd.org mail-list might be a good thing. Anyways, to help balance this thread away from noise and towards signal... here is a quickie faq submission for this thread. :) Q: What is ASMTP? A: Authenicated SMTP, explained in RFC 2554 Q: What is ASMTP good for? A: Allow the SMTP server to authenicate users before allowing them to use the smtp service for sending mail. Useful if you have roaming users that connect from foreign networks(e.g. hotel somewhere). Q: How do I or my users make use of ASMTP? A: The user's email client needs to be configured to authenicate themselves to the smtp server. Earthlink has a FAQ section explaining various email client configurations at http://support.earthlink.net/mu/1/psc/img/walkthroughs/Help_FAQ/7280.psc.html Q: Why does Sendmail listen on Port 587? A: For compliance with RFC 2476 which states that seperating the different parts of mail handling(submissions&transfers) is a good thing and port 587 was deemed to be the port for handling submissions. Sendmail 8.10.0 introduced DaemonPortOptions to support this. Checkout http://www.sendmail.org/~gshapiro/8.10.Training/DaemonPortOptions.html for some quick info about DaemonPortOptions. Q: How do I turn off the Message Submission Agent aka stop listening on port 587? A: Add FEATURE(`no_default_msa') your cf.m4 config file and recreate your sendmail.cf file. Someone might want to verify the information above; I haven't done any of it and stopped using&admin'ing sendmail a year or two ago. :) Cheers, Greg Hans Zaunere wrote: > > --- Lyndon Nerenberg wrote: > > >>>>> "Jose" == Jose Esteban Esquer Biskofski > > writes: > > > > Jose> Hello, Ive been looking for information on what sendmail's > > Jose> asmtp (port 587) is exactly, and how to close it. Ive had > > no > > Jose> luck, could someone please tell me how to get rid of it? > > Jose> Thanks. > > > > Port 587 is the Mail Submission service (RFC 2476), and instead of > > turning it off you should learn what it's for and then configure > > your MUAs to use it. > > I disagree. I've been through docs/RFCs/etc and I have yet to see it's > purpose. As far as I can tell, it's just sendmail listening on another > port. > > The pertinent line in /etc/mail/sendmail.cf: > > 0 DaemonPortOptions=Port=587, Name=MSA, M=E > > and I've commented it out. If someone can tell me how I'm supposed to > talk to it, I'd be interested - otherwise I see it just as an immature > default. And, if it's setup for MUAs, why does it listen on all IPs? > Just localhost, no? > > Thanks, > > Hans > > > > > --lyndon > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-security" in the body of the message > > __________________________________________________ > Do You Yahoo!? > Yahoo! Finance - Get real-time stock quotes > http://finance.yahoo.com > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message