From owner-freebsd-questions@FreeBSD.ORG Tue May 22 19:51:26 2007 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id BE74A16A421 for ; Tue, 22 May 2007 19:51:26 +0000 (UTC) (envelope-from xfb52@dial.pipex.com) Received: from smtp-out3.blueyonder.co.uk (smtp-out3.blueyonder.co.uk [195.188.213.6]) by mx1.freebsd.org (Postfix) with ESMTP id 74C7713C487 for ; Tue, 22 May 2007 19:51:26 +0000 (UTC) (envelope-from xfb52@dial.pipex.com) Received: from [172.23.170.138] (helo=anti-virus01-09) by smtp-out3.blueyonder.co.uk with smtp (Exim 4.52) id 1HqaOC-0001IP-SP; Tue, 22 May 2007 20:51:24 +0100 Received: from [62.31.10.181] (helo=[192.168.23.2]) by asmtp-out4.blueyonder.co.uk with esmtp (Exim 4.52) id 1HqaBA-0004VG-MH; Tue, 22 May 2007 20:37:57 +0100 Message-ID: <46534693.3060208@dial.pipex.com> Date: Tue, 22 May 2007 20:37:55 +0100 From: Alex Zbyslaw User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-GB; rv:1.7.13) Gecko/20061205 X-Accept-Language: en MIME-Version: 1.0 To: Maxim Khitrov References: <26ddd1750705211537j78ed83fdm921f7f5e5df5c4@mail.gmail.com> <20070522105732.A2743@erienet.net> <26ddd1750705220837n141787fdh6167c0cb07a8396f@mail.gmail.com> <20070522121629.X86945@fledge.watson.org> <26ddd1750705221046m543c427ahf9c73878d14f6e2a@mail.gmail.com> In-Reply-To: <26ddd1750705221046m543c427ahf9c73878d14f6e2a@mail.gmail.com> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-questions@freebsd.org Subject: Re: Sendmail ignores hosts.allow X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 22 May 2007 19:51:26 -0000 Maxim Khitrov wrote: > I'm not sure I understand what you mean... I'm not using inetd, and > the default configuration doesn't block sendmail from all remote > hosts. The ssh server is running all by itself, same as sendmail. The > way I understand it is that as long as the server was compiled with > tcp wrappers, it should follow the rules in hosts.allow. Sendmail is different from other network apps in that it does not block the connection when a deny rule is in effect, instead it send some kind of reject code (5xx) during the SMTP conversation. If you check /var/log/maillog you may well see this happening. If you search the mail archives (or try google) with some appropriate keywords then you should find a post from Matthew Seaman which explains it in detail You could also search the source code, if you are somewhat C literate. If you want to completely block connections from specific hosts (or only allow specific hosts) then I would suggest doing that with firewall rules. Didn't follow the start of the thread very closely so I hope I got the right end of the stick. --Alex