Re: Sendmail local only.....
On 2008-01-23 13:44, Agus <[EMAIL PROTECTED]> wrote: >> Giorgos, question...is it needed to put the >> sendmail_submit_enable="YES" >> sendmail_msp_queue_enable="YES" >> Although they are the default ones? > > Maybe i wasnt clear...but with the options you gave me Giorgos i still > can send email from localhost to external servers like hotmail for > instance, through telnet.I want to disable this, so it can only > send mails to local accounts Ah, I misunderstood the original question. My apologies. On 2008-01-23 17:26, Matthew Seaman <[EMAIL PROTECTED]> wrote: > Hmm... It's actually pretty hard to stop an MTA from being able to > send e-mail, given that is what it is designed to do. Hehe, indeed :) > Another approach worth trying would be to use a wildcard mailertable > entry that redirects any mail back to root the local machine: > > >localhost local: >your.host.name local: >. local:root That should work fine :) > or replace the last line with: > >. error:Mail to external sites not allowed That's a great idea to build upon. >From the limited testing I did just now, bounces still go through, so someone may abuse this to post email by setting the sender address to the intended recipient, and posting to random outside mailboxes. The following works too (after setting up a local dev-null alias): localhost local: my.hostname local: . local:dev-null This silently drops email messages, but at least it logs the delivery to the dev-null alias, so there's a trace of the email message even though it won't really get delivered to any user's mailbox and there's no error responce sent to anyone. Jan 24 03:57:09 kobe sendmail[9255]: m0O1ura8009255: [EMAIL PROTECTED], \ size=83, class=0, nrcpts=1, msgid=<[EMAIL PROTECTED]>, \ [EMAIL PROTECTED] Jan 24 03:57:09 kobe sendmail[9255]: m0O1ura8009255: [EMAIL PROTECTED], \ [EMAIL PROTECTED] (1000/1000), delay=00:00:16, xdelay=00:00:00, mailer=relay, \ pri=30083, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, \ stat=Sent (m0O1v94R009303 Message accepted for delivery) Jan 24 03:57:09 kobe smtpd[9303]: m0O1v94R009303: from=<[EMAIL PROTECTED]>, \ size=374, class=0, nrcpts=1, msgid=<[EMAIL PROTECTED]>, \ proto=ESMTP, daemon=Daemon0, relay=kobe.laptop [127.0.0.1] Jan 24 03:57:09 kobe smtpd[9307]: m0O1v94R009303: to=/dev/null, \ ctladdr=bit-bucket (26/0), delay=00:00:00, xdelay=00:00:00, mailer=*file*, \ pri=30629, dsn=2.0.0, stat=Sent Setting up a `mail-sink' alias, which traps all outgoing messages this way, may be an easier way to recover the undelivered messages. It fringes on privacy violation, though, so I'm now going to pick one or the other :) - Giorgos ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Sendmail local only.....
2008/1/23, Zbigniew Szalbot <[EMAIL PROTECTED]>: > > Hello, > > 2008/1/23, Rob <[EMAIL PROTECTED]>: > > Agus wrote: > > > Just trying to make sendmail work locally only.And by that i mean, > i > > > dont want sendmail to be able to relay or send mail to any other > machine > > > except for localhost > > > > I like to avoid sendmail all together. > > > > Install ports/mail/ssmtp > > > > Turn off sendmail: > > sendmail_enable="NONE" # Run the sendmail inbound daemon > (YES/NO/NONE). > > sendmail_outbound_enable="NO" # Dequeue stuck mail (YES/NO). > > sendmail_submit_enable="NO" # Start a localhost-only MTA for mail > submission > > > > >From pkg-descr: > > "A secure, effective and simple way of getting mail off a system to your > > mail hub. It contains no suid-binaries or other dangerous things - no > mail > > spool to poke around in, and no daemons running in the background. Mail > is > > simply forwarded to the configured mailhost. Extremely easy > configuration. > > > > WARNING: the above is all it does; it does not receive mail, expand > aliases > > or manage a queue. That belongs on a mail hub with a system > administrator. > > > > WWW: http://packages.debian.org/testing/mail/ssmtp.html > > But this is not what OP has asked for! > > Zbigniew Szalbot > Right, this seems to be pretty cool if you want to relay mail with just four lines...but i want to deliver locally only... I think i will go like Mathew says... Cheers, Agustin ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Sendmail local only.....
Hello, 2008/1/23, Rob <[EMAIL PROTECTED]>: > Agus wrote: > > Just trying to make sendmail work locally only.And by that i mean, i > > dont want sendmail to be able to relay or send mail to any other machine > > except for localhost > > I like to avoid sendmail all together. > > Install ports/mail/ssmtp > > Turn off sendmail: > sendmail_enable="NONE" # Run the sendmail inbound daemon > (YES/NO/NONE). > sendmail_outbound_enable="NO" # Dequeue stuck mail (YES/NO). > sendmail_submit_enable="NO" # Start a localhost-only MTA for mail > submission > > >From pkg-descr: > "A secure, effective and simple way of getting mail off a system to your > mail hub. It contains no suid-binaries or other dangerous things - no mail > spool to poke around in, and no daemons running in the background. Mail is > simply forwarded to the configured mailhost. Extremely easy configuration. > > WARNING: the above is all it does; it does not receive mail, expand aliases > or manage a queue. That belongs on a mail hub with a system administrator. > > WWW: http://packages.debian.org/testing/mail/ssmtp.html But this is not what OP has asked for! Zbigniew Szalbot ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Sendmail local only.....
Agus wrote: Just trying to make sendmail work locally only.And by that i mean, i dont want sendmail to be able to relay or send mail to any other machine except for localhost I like to avoid sendmail all together. Install ports/mail/ssmtp Turn off sendmail: sendmail_enable="NONE" # Run the sendmail inbound daemon (YES/NO/NONE). sendmail_outbound_enable="NO" # Dequeue stuck mail (YES/NO). sendmail_submit_enable="NO" # Start a localhost-only MTA for mail submission From pkg-descr: "A secure, effective and simple way of getting mail off a system to your mail hub. It contains no suid-binaries or other dangerous things - no mail spool to poke around in, and no daemons running in the background. Mail is simply forwarded to the configured mailhost. Extremely easy configuration. WARNING: the above is all it does; it does not receive mail, expand aliases or manage a queue. That belongs on a mail hub with a system administrator. WWW: http://packages.debian.org/testing/mail/ssmtp.html " -rob ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Sendmail local only.....
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Agus wrote: > Maybe i wasnt clear...but with the options you gave me Giorgos i still can > send email from localhost to external servers like hotmail for instance, > through telnet.I want to disable this, so it can only send mails to > local accounts > This is because this will be an open server with ssh access, so anyone with > access will be able to send mails to everywhere, so i dont want this to > happen Hmm... It's actually pretty hard to stop an MTA from being able to send e-mail, given that is what it is designed to do. A quick fix would be to use the firewall on the box to block connection to port 25 outgoing. Eg. with pf(4): block log out on $ext_if proto tcp \ from any to any port smtp However this will lead to outgoing messages clogging up the mail spool typically for five days, instead of being immediately rejected. You could try a custom sendmail configuration without the SMTP mailer - -- just delete the line saying: MAILER(smtp) at the end of `hostname`.mc and generate a sendmail .cf file in the usual way (ie. 'make all install') I am however not at all sure that even works -- sendmail documentation basically says the smtp mailer is mandatory. Another approach worth trying would be to use a wildcard mailertable entry that redirects any mail back to root the local machine: localhost local: your.host.name local: . local:root or replace the last line with: . error:Mail to external sites not allowed in order to reject the message instantly. This is all untried, so no guarantees of success, but experimenting along one or more of those lines should achieve what you want. Cheers, Matthew - -- Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard Flat 3 PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate Kent, CT11 9PW -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.4 (FreeBSD) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFHl3jc8Mjk52CukIwRCNBvAJ941ZEAs+RnO7r0MR4S7wYH91oMWACeM01a pGXYxBKLwcqgybnT1l1Cb1E= =3A0Z -END PGP SIGNATURE- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Sendmail local only.....
2008/1/23, Agus <[EMAIL PROTECTED]>: > > 2008/1/22, Lowell Gilbert <[EMAIL PROTECTED]>: > > > > Agus <[EMAIL PROTECTED]> writes: > > > > > Just trying to make sendmail work locally only.And by that i mean, > > i > > > dont want sendmail to be able to relay or send mail to any other > > machine > > > except for localhost > > > > > > How can i do this? I mean is there a way on rc.conf or i need to touch > > the > > > cf?? > > > > This is a very standard thing to do. See "man 8 sendmail.conf" > > (as recommended by the rc.conf(8) manual). > > > > > There is no man for sendmail.conf, nor sendmail.cf. > The rc.conf only mentions the rc.sendmail... > > Giorgos, question...is it needed to put the > sendmail_submit_enable="YES" > sendmail_msp_queue_enable="YES" > Although they are the default ones? > > Cheers, > Agustin Maybe i wasnt clear...but with the options you gave me Giorgos i still can send email from localhost to external servers like hotmail for instance, through telnet.I want to disable this, so it can only send mails to local accounts This is because this will be an open server with ssh access, so anyone with access will be able to send mails to everywhere, so i dont want this to happen Cheers and thanks for everyone that can help me... Agustin ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Sendmail local only.....
Agus <[EMAIL PROTECTED]> writes: > 2008/1/22, Lowell Gilbert <[EMAIL PROTECTED]>: >> >> Agus <[EMAIL PROTECTED]> writes: >> >> > Just trying to make sendmail work locally only.And by that i mean, i >> > dont want sendmail to be able to relay or send mail to any other machine >> > except for localhost >> > >> > How can i do this? I mean is there a way on rc.conf or i need to touch >> the >> > cf?? >> >> This is a very standard thing to do. See "man 8 sendmail.conf" >> (as recommended by the rc.conf(8) manual). >> > > > There is no man for sendmail.conf, nor sendmail.cf. > The rc.conf only mentions the rc.sendmail... My apologies. That is, indeed, what I meant. > Giorgos, question...is it needed to put the > sendmail_submit_enable="YES" > sendmail_msp_queue_enable="YES" > Although they are the default ones? No. These are just shell variable assignments. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Sendmail local only.....
2008/1/22, Lowell Gilbert <[EMAIL PROTECTED]>: > > Agus <[EMAIL PROTECTED]> writes: > > > Just trying to make sendmail work locally only.And by that i mean, i > > dont want sendmail to be able to relay or send mail to any other machine > > except for localhost > > > > How can i do this? I mean is there a way on rc.conf or i need to touch > the > > cf?? > > This is a very standard thing to do. See "man 8 sendmail.conf" > (as recommended by the rc.conf(8) manual). > There is no man for sendmail.conf, nor sendmail.cf. The rc.conf only mentions the rc.sendmail... Giorgos, question...is it needed to put the sendmail_submit_enable="YES" sendmail_msp_queue_enable="YES" Although they are the default ones? Cheers, Agustin ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Sendmail local only.....
2008/1/22, Giorgos Keramidas <[EMAIL PROTECTED]>: > > On 2008-01-22 16:28, Schiz0 <[EMAIL PROTECTED]> wrote: > >On Jan 22, 2008 4:25 PM, Agus <[EMAIL PROTECTED]> wrote: > >> Hi guys, > >> Just trying to make sendmail work locally only.And by that i > >> mean, i dont want sendmail to be able to relay or send mail to any > >> other machine except for localhost > >> > >> How can i do this? I mean is there a way on rc.conf or i need to > >> touch the cf?? > > > > Search the file /etc/defaults/rc.conf for "sendmail" > > It has a bunch of options and explains what they do. > > NOTE: do not edit /etc/defaults/rc.conf - that's just the "Default > > settings" file. > > Make any changes in the /etc/rc.conf file instead. > > > > Basically, you want > > > > sendmail_enable="NO" > > > > And the rest of the sendmail options enabled. > > Not all of them, mind you. I use the following on my laptop: > > sendmail_enable="NO" > sendmail_outbound_enable="NO" > sendmail_submit_enable="YES" > sendmail_msp_queue_enable="YES" > > A fairly good explanation of why this setup works only as a 'local MTA', > and doesn't accept incoming SMTP connections from the world can be found > in the manpage of rc.sendmail: > > % man rc.sendmail > > To the original poster: > > Feel free to use the above sendmail_xxx settings in your `/etc/rc.conf' > file, but please make sure that you also: > > ... understand why these settings make Sendmail only forward locally > generated email messages, by reading the rc.sendmail manpage. > > ... have configured properly your local `/etc/mail/sendmail.cf' and > `/etc/mail/submit.cf' files. > > ... read the Handbook section about Sendmail, and let us know if you > find it difficult to understand, or you would like to see more stuff > documented. > > Cheers, > Giorgos > > Well thank you very much Giorgos and allwill use this but first will read all the mans you suggested me. Very much appreciated... Cheers, Agustin ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Sendmail local only.....
On 2008-01-22 16:28, Schiz0 <[EMAIL PROTECTED]> wrote: >On Jan 22, 2008 4:25 PM, Agus <[EMAIL PROTECTED]> wrote: >> Hi guys, >> Just trying to make sendmail work locally only.And by that i >> mean, i dont want sendmail to be able to relay or send mail to any >> other machine except for localhost >> >> How can i do this? I mean is there a way on rc.conf or i need to >> touch the cf?? > > Search the file /etc/defaults/rc.conf for "sendmail" > It has a bunch of options and explains what they do. > NOTE: do not edit /etc/defaults/rc.conf - that's just the "Default > settings" file. > Make any changes in the /etc/rc.conf file instead. > > Basically, you want > > sendmail_enable="NO" > > And the rest of the sendmail options enabled. Not all of them, mind you. I use the following on my laptop: sendmail_enable="NO" sendmail_outbound_enable="NO" sendmail_submit_enable="YES" sendmail_msp_queue_enable="YES" A fairly good explanation of why this setup works only as a 'local MTA', and doesn't accept incoming SMTP connections from the world can be found in the manpage of rc.sendmail: % man rc.sendmail To the original poster: Feel free to use the above sendmail_xxx settings in your `/etc/rc.conf' file, but please make sure that you also: ... understand why these settings make Sendmail only forward locally generated email messages, by reading the rc.sendmail manpage. ... have configured properly your local `/etc/mail/sendmail.cf' and `/etc/mail/submit.cf' files. ... read the Handbook section about Sendmail, and let us know if you find it difficult to understand, or you would like to see more stuff documented. Cheers, Giorgos ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Sendmail local only.....
Agus <[EMAIL PROTECTED]> writes: > Just trying to make sendmail work locally only.And by that i mean, i > dont want sendmail to be able to relay or send mail to any other machine > except for localhost > > How can i do this? I mean is there a way on rc.conf or i need to touch the > cf?? This is a very standard thing to do. See "man 8 sendmail.conf" (as recommended by the rc.conf(8) manual). ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Sendmail local only.....
On Jan 22, 2008 4:25 PM, Agus <[EMAIL PROTECTED]> wrote: > Hi guys, > > Just trying to make sendmail work locally only.And by that i mean, i > dont want sendmail to be able to relay or send mail to any other machine > except for localhost > > How can i do this? I mean is there a way on rc.conf or i need to touch the > cf?? > > Thanks in advance and cheers, > Agustin Search the file /etc/defaults/rc.conf for "sendmail" It has a bunch of options and explains what they do. NOTE: do not edit /etc/defaults/rc.conf - that's just the "Default settings" file. Make any changes in the /etc/rc.conf file instead. Basically, you want sendmail_enable="NO" And the rest of the sendmail options enabled. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Sendmail local only.....
Hi guys, Just trying to make sendmail work locally only.And by that i mean, i dont want sendmail to be able to relay or send mail to any other machine except for localhost How can i do this? I mean is there a way on rc.conf or i need to touch the cf?? Thanks in advance and cheers, Agustin ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
