Rodolfo,

On Saturday 26 January 2002 10:21, you said something about:
> Hi!
>
> I have a firewall/gateway box (7.2 with updates) which has been working
> properly for a while, albeit with a very simple configuration (masquerade
> anything out, let only ssh in). Now, I'd like to put sendmail on it but
> with two twists:
>
> 1. Tell sendmail only to accept connections from the internal IP's
> (127.0.0.1 and 192.168.0.1). The firewall blocks connections from the
> outside, but defense in depth is good.

Just tell it what ports you want to listen on and it will not listen on any 
others. It's the same as what RH does to prevent any listening on outside 
ports by default. You can list as many as you need.

DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')
DAEMON_OPTIONS(`Port=smtp,Addr=192.168.0.1, Name=MTA')

>
> 2. Set iptables rules to redirect *all* mail connections from the inside to
> the firewall's sendmail, then have sendmail make final delivery. A
> transparent mail proxy, if you will.
>
> Can anyone comment on how I would do both of these? I'm getting very
> confused by iptables, and also not finding the right sendmail directive for
> mc.

I'm not sure I understand this part. Maybe ascii art is in order. Or at least 
an example of the flow of the mail.

Are you sure you don't just need to change the MX record (of course that's 
useless if not using DNS internally).

Or perhaps it is just a matter of relaying/smart relaying that needs to be 
done.

I just can't get a grasp of the use of IPTables for mail traffic.

-- 
Brian Ashe                                                     CTO
Dee-Web Software Services, LLC.                  [EMAIL PROTECTED]



_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list
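
A check that the two DAEMON_OPTIONS lines in the reply took effect, written as an added example that is not part of the original message: it flags any SMTP listener bound to an address other than the two internal ones. It assumes listener lines in the format printed by `ss -ltn`; the function name and the sample lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag port-25 listeners bound outside an allow-list.
# Assumed input format: `ss -ltn` lines, where field 1 is the state and
# field 4 is the local address:port.

# Addresses sendmail is expected to listen on (from the DAEMON_OPTIONS lines).
ALLOWED="127.0.0.1 192.168.0.1"

# unexpected_smtp_listeners (hypothetical name): reads listener lines on stdin
# and prints each local address that listens on port 25 but is not in $ALLOWED.
unexpected_smtp_listeners() {
    awk -v allowed="$ALLOWED" '
        BEGIN {
            n = split(allowed, a, " ")
            for (i = 1; i <= n; i++) ok[a[i]] = 1
        }
        $1 == "LISTEN" {
            la = $4
            idx = 0
            # Split on the LAST colon so IPv6 forms such as [::]:25 parse correctly.
            for (i = length(la); i > 0; i--)
                if (substr(la, i, 1) == ":") { idx = i; break }
            if (idx == 0) next
            addr = substr(la, 1, idx - 1)
            port = substr(la, idx + 1)
            if (port == "25" && !(addr in ok)) print addr
        }'
}

# Constructed sample: sendmail bound only to the two internal addresses.
SAMPLE_GOOD='LISTEN 0 10 127.0.0.1:25 0.0.0.0:*
LISTEN 0 10 192.168.0.1:25 0.0.0.0:*
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*'

# Constructed sample: a wildcard listener, as when no Addr= is configured.
SAMPLE_BAD='LISTEN 0 10 127.0.0.1:25 0.0.0.0:*
LISTEN 0 10 0.0.0.0:25 0.0.0.0:*
LISTEN 0 10 [::]:25 [::]:*'

echo "good config, unexpected listeners:"
printf '%s\n' "$SAMPLE_GOOD" | unexpected_smtp_listeners
echo "bad config, unexpected listeners:"
printf '%s\n' "$SAMPLE_BAD" | unexpected_smtp_listeners
```

On a live host, pipe the output of `ss -ltn` into the function after restarting sendmail; no output means port 25 is bound only to the allowed addresses.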
