From owner-freebsd-security Thu Aug 16 2:33: 5 2001 Delivered-To: freebsd-security@freebsd.org Received: from cyclone.tornadogroup.com (cyclone.tornadogroup.com [212.172.155.83]) by hub.freebsd.org (Postfix) with ESMTP id ADDAF37B40D for ; Thu, 16 Aug 2001 02:33:00 -0700 (PDT) (envelope-from matthew.seaman@tornadogroup.com) Received: from claudette.e1.tornadogroup.com (claudette.e1.tornadogroup.com [192.168.0.77]) by cyclone.tornadogroup.com (8.10.0.Beta10/8.10.0.Beta10) with ESMTP id f7G9Wvf04391 for ; Thu, 16 Aug 2001 10:32:58 +0100 (BST) Received: from tornadogroup.com (localhost [127.0.0.1]) by claudette.e1.tornadogroup.com (8.11.5/8.11.5) with ESMTP id f7G9WwO02816 for ; Thu, 16 Aug 2001 10:32:58 +0100 (BST) (envelope-from matthew.seaman@tornadogroup.com) Message-ID: <3B7B934A.67B39698@tornadogroup.com> Date: Thu, 16 Aug 2001 10:32:58 +0100 From: Matthew Seaman X-Mailer: Mozilla 4.77 [en] (X11; U; Linux 2.2.12 i386) X-Accept-Language: en-GB, en MIME-Version: 1.0 To: security@FreeBSD.ORG Subject: Re: cvs commit: src/etc inetd.conf References: <200108151940.f7FJepc73604@hak.lan.Awfulhak.org> <20010815170217.F14206@pir.net> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Peter Radcliffe wrote: > > Garance A Drosihn probably said: > > "cron'd events", such as if you add your own cron jobs, cron will > > email you if the process fails, or output from the process when > > it succeeds (depending on how you have the job setup). Cron itself > > expects it can send mail. So does lpd (if a user does 'lpr -m', > > for instance). > > So why can't we run sendmail by default, just with no '-bd' option > so it doesn't listen on port 25. Local mail will get delivered, > it's not a remote security problem ... Much of the time you don't even need to do that. You can run quite happily and send e-mail without any sort of long-lived sendmail process running. Most processes that want to send mail will invoke /usr/sbin/sendmail directly to pipe the message into --- it's only if immediate delivery fails (*) that the message will end up in the queue where it will languish until `sendmail -q' gets run. Matthew (*) or you've altered the sendmail config to queue everything by default, in which case I'll suppose that you know what you're doing... -- Matthew Seaman Tel: 01628 498661 Certe, Toto, sentio nos in Kansate non iam adesse. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message