Re: Do I need to completely disable sendmail?
Robert C Wittig wrote: Rob Gabaree wrote: Thanks. What I did was remove all lines except `sendmail_enable=NO` and in /etc/mail/aliases, I setup the root alias to goto my real email address: root [EMAIL PROTECTED] I setup my firewall to block incoming/outgoing email on ports 21/25 as well, so no one on the outside can access mail services. It seems to be working correctly, as I received mail as it was ran to my @mydomain.com email. Does this seem ok? Did I do anything wrong? I run OpenBSD on my mailservers, but I expect that the sendmail works basically the same. In /etc/rc.conf or its FreeBSD equivalent, check the sendmail line to see if it references localhost.cf or sendmail.cf localhost.cf will permit internal mail on the machine, so that root can send messages to your everyday UID, etc., but will not permit mail to be sent to or received from, the Internet, or other machines in you LAN. sendmail.cf will permit full Internet email, but even this will not permit Internet email, unless your machine has a fully Qualified Domain Name, which is registered with your domain registrar, and has the Registrar's MX setting configured properly. Uh -- the way OpenBSD deals with sendmail is a bit different to the way FreeBSD does. Under FreeBSD, rc.conf settings are used to prevent sendmail from listening on any network interfaces than the loopback. Otherwise exactly the same sendmail.cf would be used for either case. FreeBSD also has all of the machinery required to rebuild the .cf files from the .mc files setup and available directly from /etc/mail. The system defaults to creating $(hostname).mc and $(hostname).submit.mc files if none exist already and then turning those into sendmail.cf and submit.cf Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard Flat 3 PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate Kent, CT11 9PW signature.asc Description: OpenPGP digital signature
Do I need to completely disable sendmail?
Hi, I have a remote server that I don't plan on using for email as I have another server to handle that. My question is.. is it a bad idea to _completely_ disable sendmail on that machine? Right now /etc/ rc.conf has: sendmail_enable=NO sendmail_submit_enable=NO sendmail_outbound_enable=NO sendmail_msp_queue_enable=NO But I checked /var/log/maillog and saw about 5 archives of messages that looked like this: Sep 24 03:01:09 ny sendmail[63140]: k8I719YD078452: k8O71858063140: return to sender: Cannot send message for 5 days Sep 24 03:01:09 ny sendmail[63140]: k8O71858063140: to=postmaster, delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=49386, relay= [127.0.0.1], dsn=4.0.0, stat=Deferred: Connection refused by [127.0.0.1] So what should I do? Should I just have sendmail_enable=NO in / etc/rc.conf, so only the incoming mail service is disabled? That way messages could be sent without the above errors? Or what? Thanks for any help. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Do I need to completely disable sendmail?
I have the same four lines in rc.conf, but that is because I installed postfix. If you want to disable it completely, you'd use sendmail_enable=NONE, but you wouldn't be able receive messages sent by crontab, syslogd, etc. Michael --- Rob Gabaree [EMAIL PROTECTED] wrote: Hi, I have a remote server that I don't plan on using for email as I have another server to handle that. My question is.. is it a bad idea to _completely_ disable sendmail on that machine? Right now /etc/ rc.conf has: sendmail_enable=NO sendmail_submit_enable=NO sendmail_outbound_enable=NO sendmail_msp_queue_enable=NO But I checked /var/log/maillog and saw about 5 archives of messages that looked like this: Sep 24 03:01:09 ny sendmail[63140]: k8I719YD078452: k8O71858063140: return to sender: Cannot send message for 5 days Sep 24 03:01:09 ny sendmail[63140]: k8O71858063140: to=postmaster, delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=49386, relay= [127.0.0.1], dsn=4.0.0, stat=Deferred: Connection refused by [127.0.0.1] So what should I do? Should I just have sendmail_enable=NO in / etc/rc.conf, so only the incoming mail service is disabled? That way messages could be sent without the above errors? Or what? Thanks for any help. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Do I need to completely disable sendmail?
On Sun, Sep 24, 2006 at 05:18:27PM -0400, Rob Gabaree wrote: So what should I do? Should I just have sendmail_enable=NO in / etc/rc.conf, so only the incoming mail service is disabled? That way messages could be sent without the above errors? Or what? You should allow the system to send out it's mail. And it should go somewhere meaningful (i.e., to you). And you should read it. All my systems send me mail every day, and I scan through it to make sure everything is okay. That's what those messages are for. :) So, yes. You should disabled incoming, but allow submit, etc. You can also firewall off incoming instead or in addition. -- Darrin Chandler| Phoenix BSD Users Group [EMAIL PROTECTED] | http://bsd.phoenix.az.us/ http://www.stilyagin.com/ | ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Do I need to completely disable sendmail?
Rob Gabaree wrote: I have a remote server that I don't plan on using for email as I have another server to handle that. My question is.. is it a bad idea to _completely_ disable sendmail on that machine? Yes. You probably want to allow the server to send you administrative mail that it generates itself, but not let it receive any from outside. To do that: (1) Use the default settings for sendmail by not specifying any . Delete all lines containing sendmail from /etc/rc.conf. This will allow outgoing mail only. (2) Put a line in /etc/aliases that defines who receives root's e-mail for the server. Point it to your actual e-mail address. For example, root: [EMAIL PROTECTED] (3) Reboot. That's it. Now the box can send you it's status information, but it won't listen for any incoming mail. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Do I need to completely disable sendmail?
Thanks. What I did was remove all lines except `sendmail_enable=NO` and in / etc/mail/aliases, I setup the root alias to goto my real email address: root [EMAIL PROTECTED] I setup my firewall to block incoming/outgoing email on ports 21/25 as well, so no one on the outside can access mail services. It seems to be working correctly, as I received mail as it was ran to my @mydomain.com email. Does this seem ok? Did I do anything wrong? Thanks, rob On Sep 24, 2006, at 5:42 PM, Darrin Chandler wrote: On Sun, Sep 24, 2006 at 05:18:27PM -0400, Rob Gabaree wrote: So what should I do? Should I just have sendmail_enable=NO in / etc/rc.conf, so only the incoming mail service is disabled? That way messages could be sent without the above errors? Or what? You should allow the system to send out it's mail. And it should go somewhere meaningful (i.e., to you). And you should read it. All my systems send me mail every day, and I scan through it to make sure everything is okay. That's what those messages are for. :) So, yes. You should disabled incoming, but allow submit, etc. You can also firewall off incoming instead or in addition. -- Darrin Chandler| Phoenix BSD Users Group [EMAIL PROTECTED] | http://bsd.phoenix.az.us/ http://www.stilyagin.com/ | ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Do I need to completely disable sendmail?
Rob Gabaree wrote: Thanks. What I did was remove all lines except `sendmail_enable=NO` and in /etc/mail/aliases, I setup the root alias to goto my real email address: root [EMAIL PROTECTED] I setup my firewall to block incoming/outgoing email on ports 21/25 as well, so no one on the outside can access mail services. It seems to be working correctly, as I received mail as it was ran to my @mydomain.com email. Does this seem ok? Did I do anything wrong? I run OpenBSD on my mailservers, but I expect that the sendmail works basically the same. In /etc/rc.conf or its FreeBSD equivalent, check the sendmail line to see if it references localhost.cf or sendmail.cf localhost.cf will permit internal mail on the machine, so that root can send messages to your everyday UID, etc., but will not permit mail to be sent to or received from, the Internet, or other machines in you LAN. sendmail.cf will permit full Internet email, but even this will not permit Internet email, unless your machine has a fully Qualified Domain Name, which is registered with your domain registrar, and has the Registrar's MX setting configured properly. -- -wittig http://www.robertwittig.com/ . http://robertwittig.net/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Do I need to completely disable sendmail?
On Sun, Sep 24, 2006 at 05:18:27PM -0400, Rob Gabaree wrote: Hi, I have a remote server that I don't plan on using for email as I have another server to handle that. My question is.. is it a bad idea to _completely_ disable sendmail on that machine? Right now /etc/ rc.conf has: sendmail_enable=NO sendmail_submit_enable=NO sendmail_outbound_enable=NO sendmail_msp_queue_enable=NO What you have disables incoming Email, but sstill lets the system send out Email. That is good, because the system sends notices about various things and you might want to send something from it sometimes - such as sending a file to yourself or whatever but without receiving anything. So, unless there is a very compelling reason, leave it the way it is. jerry But I checked /var/log/maillog and saw about 5 archives of messages that looked like this: Sep 24 03:01:09 ny sendmail[63140]: k8I719YD078452: k8O71858063140: return to sender: Cannot send message for 5 days Sep 24 03:01:09 ny sendmail[63140]: k8O71858063140: to=postmaster, delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=49386, relay= [127.0.0.1], dsn=4.0.0, stat=Deferred: Connection refused by [127.0.0.1] So what should I do? Should I just have sendmail_enable=NO in / etc/rc.conf, so only the incoming mail service is disabled? That way messages could be sent without the above errors? Or what? Thanks for any help. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Completely disable sendmail
On 12/15/05, Russell E. Meek [EMAIL PROTECTED] wrote: Pietro, *sendmail_enable=NONE* in your rc.conf will shutdown Sendmail completely and globally. Same thing with NONE instead of NO, moreover `man sendmail.rc` says sendmail_enable (str) If set to ``YES'', run the sendmail(8) daemon at system boot time. If set to ``NO'', do not run a sendmail(8) daemon to listen for incoming network mail. This does not preclude a sendmail(8) daemon listening on the SMTP port of the loopback interface. The ``NONE'' option is deprecated and should not be used. It will be removed in a future release. Russell E, Meek Thanx, Any other ideas? -- Pietro Cerutti [EMAIL PROTECTED] Beansidhe - SwiSS Death / Thrash Metal www.beansidhe.ch Windows: Where do you want to go today? Linux: Where do you want to go tomorrow? FreeBSD: Are you guys coming or what? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Completely disable sendmail
On Thu, Dec 15, 2005 at 09:30:07AM +0100, Pietro Cerutti wrote: Same thing with NONE instead of NO, moreover `man sendmail.rc` says sendmail_enable (str) If set to ``YES'', run the sendmail(8) daemon at system boot time. If set to ``NO'', do not run a sendmail(8) daemon to listen for incoming network mail. This does not preclude a sendmail(8) daemon listening on the SMTP port of the loopback interface. The ``NONE'' option is deprecated and should not be used. It will be removed in a future release. Hi Pietro, Setting the 4 sendmail*_enable variables to NO as you've done will prevent any sendmail daemons from running. However, it doesn't stop anything from directly invoking /usr/sbin/sendmail - which is what cron does when it wants to send some mail. When sendmail is invoked this way it will try to deliver the mail according to its submit.cf configuration file. You should be able to disable any email sending from cron by adding a MAILTO= line to your crontab file. It might still be a good idea to fix your sendmail configuration so you can actually send mail from this system. Cheers, Scott -- === Scott Mitchell | PGP Key ID | Eagles may soar, but weasels Cambridge, England | 0x54B171B9 | don't get sucked into jet engines scott at fishballoon.org | 0xAA775B8B | -- Anon ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Completely disable sendmail
Hi list, before someone begins to flame me, I'll tell you that I'm running 6.0-STABLE and that my rc.conf contains: sendmail_enable=NO sendmail_submit_enable=NO sendmail_outbound_enable=NO sendmail_msp_queue_enable=NO In my crontab there is a job which runs every hour, and prints one line as output. This output should be mailed to me, but since I disabled sendmail, I guess it should get lost (which is what I'd want). Anyway, lost or not, I don't want to have it mailed to me, nor I want sendmail to bug my ttyv0 with such messages: sendmail[pid] My unqualified host name [my host name] unknown. Sleeping for retry sendmail[pid] unable to qualify my own domain name (my host name) -- using short name My box is not a part of a domain, so the errors are justified, but this shows that sendmail is not completely disabled on my system... Now, I could solve this by redirecting the output of my job to /dev/null, but I don't see it as a smart solution. Any ideas? Thanx! -- Pietro Cerutti [EMAIL PROTECTED] Beansidhe - SwiSS Death / Thrash Metal www.beansidhe.ch Windows: Where do you want to go today? Linux: Where do you want to go tomorrow? FreeBSD: Are you guys coming or what? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Completely disable sendmail
On Thu, Dec 15, 2005 at 01:59:41AM +0100, Pietro Cerutti wrote: before someone begins to flame me, I'll tell you that I'm running 6.0-STABLE and that my rc.conf contains: no flames, relax :) sendmail_enable=NO sendmail_submit_enable=NO sendmail_outbound_enable=NO sendmail_msp_queue_enable=NO /etc/defaults/rc.conf used to (5.x?) document sendmail_enable=NONE to completely disable sendmail. Not sure where/if it's documented now. Once set, I believe you can disregard all the other settings. -- Regards, Doug ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Completely disable sendmail
Pietro Cerutti wrote: Hi list, before someone begins to flame me, I'll tell you that I'm running 6.0-STABLE and that my rc.conf contains: sendmail_enable=NO sendmail_submit_enable=NO sendmail_outbound_enable=NO sendmail_msp_queue_enable=NO In my crontab there is a job which runs every hour, and prints one line as output. This output should be mailed to me, but since I disabled sendmail, I guess it should get lost (which is what I'd want). Anyway, lost or not, I don't want to have it mailed to me, nor I want sendmail to bug my ttyv0 with such messages: sendmail[pid] My unqualified host name [my host name] unknown. Sleeping for retry sendmail[pid] unable to qualify my own domain name (my host name) -- using short name My box is not a part of a domain, so the errors are justified, but this shows that sendmail is not completely disabled on my system... Now, I could solve this by redirecting the output of my job to /dev/null, but I don't see it as a smart solution. Any ideas? Thanx! -- Pietro Cerutti [EMAIL PROTECTED] Beansidhe - SwiSS Death / Thrash Metal www.beansidhe.ch Windows: Where do you want to go today? Linux: Where do you want to go tomorrow? FreeBSD: Are you guys coming or what? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] Pietro, *sendmail_enable=NONE* in your rc.conf will shutdown Sendmail completely and globally. Thanks, Russell E, Meek ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
