On Mon, 22 Dec 2008 17:30:51 +1100, "Malcolm Herbert"
<opensolaris.org at mjch.net> said:
> We have a number of Solaris hosts which have the default sendmail
> install. We require sendmail running in order to have these hosts send
> email to our Ops people, however we'd like to limit the interfaces on
> which sendmail is listening.
Thanks to Greg Boug and Alan Chalmers[1] for providing some areas to
explore ...
Greg pointed out that binding to localhost appears to be the default
when installing 08/07 and Alan noted that the sendmail config items I
wanted could be added by manipulating /etc/default/sendmail and adding
OPTIONS=-ODaemonPortOptions=Addr=localhost
As it turned out, the host didn't appear to have /etc/default/sendmail,
but I had both an 03/05 host which exhibited the problem and an 08/07
host which didn't - a recursive diff comparing the /etc/mail directories
for both hosts revealed only cosmetic changes between the two, however I
did note that on the 08/07 host sendmail was being run as
/usr/lib/sendmail -bd -q15m -C /etc/mail/local.cf
/etc/mail/local.cf contains the appropriate configuration lines as
listed below which were similar to Alan's suggestion, so the real
problem turned out to be how to get the service management framework to
call sendmail correctly:
O DaemonPortOptions=NAME=NoMTA4, Family=inet, Addr=127.0.0.1
O DaemonPortOptions=Name=MSA4, Family=inet, Addr=127.0.0.1,
Port=587, M=E
Digging around in /lib/svc/method/smtp-sendmail revealed:
local=`/usr/bin/svcprop -p config/local_only $SMF_FMRI 2>/dev/null`
if [ $? = 0 -a "$local" = "true" ]; then
OPTIONS="$OPTIONS -C /etc/mail/local.cf"
fi
so it appears this behaviour is controlled with the sendmail
config/local_only service property. Below is a transcript showing this
in action:
|stampy[~] 1v#: netstat -afinet -Ptcp | sed -ne '1,4p' -e '/smtp/p'
|
|TCP: IPv4
| Local Address Remote Address Swind Send-Q Rwind Recv-Q
State
|-------------------- -------------------- ----- ------ ----- ------
-----------
| *.smtp *.* 0 0 49152 0
LISTEN
| *.smtp *.* 0 0 49152 0
LISTEN
|stampy[~] 2v#: ps -ef | grep sendmail
| root 15746 1 0 17:01:13 ? 0:00 /usr/lib/sendmail
-bd -q15m
| root 15798 15780 0 17:04:25 pts/29 0:00 grep sendmail
| smmsp 15745 1 0 17:01:13 ? 0:00 /usr/lib/sendmail
-Ac -q15m
|stampy[~] 3v#: svcprop -p config/local_only sendmail false
|stampy[~] 4v#: svccfg -s sendmail setprop config/local_only=true
|stampy[~] 5v#: svcadm refresh sendmail
|stampy[~] 6v#: svcadm disable sendmail
|stampy[~] 7v#: ps -ef | grep sendmail
| root 15817 15780 0 17:05:55 pts/29 0:00 grep sendmail
|stampy[~] 8v#: svcadm enable sendmail
|stampy[~] 9v#: ps -ef | grep sendmail
| root 15827 1 0 17:06:02 ? 0:00 /usr/lib/sendmail
-bd -q15m -C /etc/mail/local.cf
| smmsp 15826 1 0 17:06:02 ? 0:00 /usr/lib/sendmail
-Ac -q15m
| root 15831 15780 0 17:06:07 pts/29 0:00 grep sendmail
|stampy[~] 10v#: netstat -afinet -Ptcp | sed -ne '1,4p' -e '/smtp/p'
|
|TCP: IPv4
| Local Address Remote Address Swind Send-Q Rwind Recv-Q
State
|-------------------- -------------------- ----- ------ ----- ------
-----------
|localhost.smtp *.* 0 0 49152 0
LISTEN
Hope that helps ...
Regards,
Malcolm
[1] Andre's suggestion to install something other than sendmail was
ignored ... :)
--
Malcolm Herbert This brain intentionally
mjch at mjch.net left blank
