Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 22 May 2007 09:31:44 +1000
From:      Mikhail Goriachev <mikhailg@webanoide.org>
To:        Maxim Khitrov <mkhitrov@gmail.com>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: Sendmail ignores hosts.allow
Message-ID:  <46522BE0.4080407@webanoide.org>
In-Reply-To: <26ddd1750705211537j78ed83fdm921f7f5e5df5c4@mail.gmail.com>
References:  <26ddd1750705211537j78ed83fdm921f7f5e5df5c4@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help 
Maxim Khitrov wrote:
> Hello,
> 
> I'm trying to restrict access to sendmail via hosts.allow. Don't need
> a firewall, since I just want to block everyone but the localhost from
> sending e-mail out. Anyway, it seems that sendmail ignores these
> settings even though it was compiled with TCPWRAPPERS. I added
> "sendmail : all : deny" as the very first line in hosts.allow, just to
> see if it will let me connect from anywhere. It does - not just from
> localhost, but from all remote locations as well. I have no problems
> connecting and sending e-mail. Am I missing something?

I followed your earlier thread (hopefully this is a related topic). This
is strange. By default, sendmail is disabled. You don't even have to put
anything into rc.conf:

# grep sendmail /etc/defaults/rc.conf

Sendmail listens and accepts local mail only. You can't connect to it
from another machine:

# telnet some.host.tld 25
Trying 1.2.3.4...
telnet: connect to address 1.2.3.4: Connection refused
telnet: Unable to connect to remote host

You must've tweaked something to make it behave differently.

> I tested the same setup with sshd, and that works properly. After a
> quick search on google it seems that I'm not the only one with this
> problem, but I couldn't find any solution to this. Any help is greatly
> appreciated.

Share with us your testing methodology. From previous thread, I
understand that you just want something to submit your local mail (from
daemons, scripts, etc). Then as others already said, a simple alias in
/etc/mail/aliases and executing newaliases is sufficient.



Regards,
Mikhail.

-- 
Mikhail Goriachev
Webanoide

Telephone: +61 (0)3 62252501
Mobile Phone: +61 (0)4 38255158
E-Mail: mikhailg@webanoide.org
Web: www.webanoide.org

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?46522BE0.4080407>