RE: can't figure out this sendmail error
From: Rodolfo J. Paiz (rpaiz_at_simpaticus.com)
Date: 12/31/03
- Previous message: Jason Dixon: "Re: can't figure out this sendmail error"
- Maybe in reply to: Chris W. Parker: "can't figure out this sendmail error"
- Next in thread: Michael Fratoni: "Re: can't figure out this sendmail error"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
To: redhat-list@redhat.com Date: Tue, 30 Dec 2003 22:36:13 -0600
At 21:43 12/30/2003, you wrote:
>Can't relaying be stopped without using SMTP AUTH?
Yes, it can. SMTP AUTH exists so that you can relay mail through that
server to someone else, but so that spammers can't abuse your box. So if no
one needs to use that machine as a relay from the outside (say, you with a
notebook computer somewhere else), then SMTP AUTH is not needed, and
relaying should be shut down.
>Do I have the wrong idea when I say SMTP AUTH will require that any
>sender to an email address in your domain has to have some kind of
>name and password to send mail?
Yes, you definitely have the wrong idea. If that were true, then everybody
would need to have an account on your server in order to send you mail, and
that's obviously not how it works. Some scenarios:
1. The Apache service, or any local user, on the box wants to send
mail: it connects to localhost (127.0.0.1) port 25 (on which sendmail
listens by default) and sends its mail. Mail is originating from the same
box, so no relaying is taking place and any request to send mail anywhere
will be accepted.
If you comment out the DAEMON_OPTIONS line in sendmail.mc that limits
sendmail to only listening on 127.0.0.1, then sendmail will listen on /all/
interfaces. Alternately, you can add an additional DAEMON_OPTIONS line in
sendmail.mc that contains the IP address of another interface, and sendmail
will listen on those two interfaces. Now:
2. If anyone on Earth wants to send mail TO A USER ON THIS SERVER,
then sendmail will accept any message from anywhere and perform local
delivery via procmail.
3. If someone OUTSIDE the server wants this server to take a
message and deliver it to another user, also OUTSIDE the server, then as
far as sendmail is concerned the message originated from an outsider,
passed through this server, and is supposed to be delivered to another
outsider. This is relaying. And if you want sendmail to relay, then you
should definitely configure SMTP AUTH and leave /etc/mail/access pretty
much locked down. (Unless you only want a few specific IP addresses on
Earth to be able to relay, but that's not often the case.)
>Let me clarify a little and maybe that will curb some confusion. This
>server is going to be meant mainly as a web server serving two sites.
>The only mail that will really be done by this will be outgoing (i.e.
>"Your order has shipped jackass!").
So you only want scenarios #1 and #2, but not #3, right? Then you don't
need to relay, and you don't need SMTP AUTH. But then most likely you broke
something, since those two scenarios require only a single line to be
modified in sendmail.mc before regenerating sendmail.cf. You may want to
try getting a "clean" copy of the sendmail.mc and starting over (you /DID/
make a backup of the original unmodified file... right??).
I'm not sure that you /want/ to delete 52 packages and start over, but if
that's the easiest way for you then go for it. I would first try to fix my
sendmail.mc and .cf though; you can use the sendmail.mc file on my HOWTO as
a reference for one that does work.
-- Rodolfo J. Paiz rpaiz@simpaticus.com http://www.simpaticus.com -- redhat-list mailing list unsubscribe mailto:redhat-list-request@redhat.com?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
- Previous message: Jason Dixon: "Re: can't figure out this sendmail error"
- Maybe in reply to: Chris W. Parker: "can't figure out this sendmail error"
- Next in thread: Michael Fratoni: "Re: can't figure out this sendmail error"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
