Michael, Normally, sendmail is controlled by /etc/init.d/sendmail. An imap server is (somewhat) unrelated to sendmail, and uses port 143. The sendmail daemon uses port 25 and is considered an MTA (mail transfer agent) as opposed to a mail delivery agent. An MTA normally runs all the time as a daemon, and is not started by inetd. When I look at the contents of /etc/init.d/sendmail in SLES8, I see this: startproc -p $srvpid /usr/sbin/sendmail $SENDMAIL_ARGS
So, the tcp wrapper program (tcpd) is not invoking sendmail. Now, whether sendmail was compiled with tcp wrapper support or not is another matter. You could try starting sendmail with debugging turned on "-dX" where "X" is a number, and see if anything interesting comes out when a 192.168.x.x host connects. Now having done a "man 5 hosts_access" command, I see this: PATTERNS The access control language implements the following patterns: o A string that begins with a `.' character. A host name is matched if the last components of its name match the specified pattern. For example, the pattern `.tue.nl' matches the host name `wzv.win.tue.nl'. o A string that ends with a `.' character. A host address is matched if its first numeric fields match the given string. For example, the pattern `131.155.' matches the address of (almost) every host on the Eindhoven Uni- versity network (131.155.x.x). So, it looks like you should be specifying "192.168." as your addresses to be blocked. Mark Post -----Original Message----- From: Coffin Michael C [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 09, 2003 12:31 PM To: [EMAIL PROTECTED] Subject: Re: SuSE 8 /etc/hosts.deny and CIDR Hi Mark, Hmmm, that's interesting. My definition for "sendmail" in inetd.conf is commented out, does sendmail start as part of the imap package? I think it does (been a long time since I looked), and imap starts with the "tcpd" invocation (ftp, telnet and several others do as well). When I check my mail log (/var/log/mail) I can definitely see the hosts in /etc/hosts.deny being blocked by tcpwrappers. Here is an example: Jul 8 18:14:41 linux sendmail[5070]: h68MEaPK005070: tcpwrappers (unknown, 80.148.20.0) rejection So it appears that sendmail is using tcpwrappers. Is the CIDR addressing format supported for /etc/hosts.deny in SuSE 8? Michael Coffin, VM Systems Programmer Internal Revenue Service - Room 6030 1111 Constitution Avenue, N.W. Washington, D.C. 20224 Voice: (202) 927-4188 FAX: (202) 622-6726 [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> -----Original Message----- From: Post, Mark K [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 08, 2003 3:46 PM To: [EMAIL PROTECTED] Subject: Re: SuSE 8 /etc/hosts.deny and CIDR Michael, Is your SMTP server actually _using_ tcpwrappers? Most of them do not. You would have to be starting it like this: /usr/sbin/tcpd /path/to/your/smtpdaemon Mark Post -----Original Message----- From: Coffin Michael C [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 08, 2003 11:18 AM To: [EMAIL PROTECTED] Subject: SuSE 8 /etc/hosts.deny and CIDR Hi Folks, Can you use CIDR addressing in /etc/hosts.deny? This is SuSE 8 by the way. I've got a statement in hosts.deny which reads: ALL: 192.168.0.0/18 to reject everything from 192.168. (actual IP's are different) but an IP address in that range was allowed to connect to my SMTP server. Shouldn't tcpwrappers have blocked it? Michael Coffin, VM Systems Programmer Internal Revenue Service - Room 6030 1111 Constitution Avenue, N.W. Washington, D.C. 20224 Voice: (202) 927-4188 FAX: (202) 622-6726 [EMAIL PROTECTED]