Solved

limiting sendmail

Posted on 2000-04-14
5
222 Views
Last Modified: 2010-04-21
Whats the easiest way to limit sendmail? I only need it to send mail off the system, and received mail onto the system. I cant think of any reason that it needs to even bother trying to recognize a user or block them.

The answer is probably one I will slap my head over but I just had a tooth pulled so I dont feel like thinking. I will just pay fo rit.  :-)

Gandalf  Parker
0
Comment
Question by:GP1628
5 Comments
 
LVL 84

Expert Comment

by:ozo
Comment Utility
In what way do you want to limit sendmail?
0
 
LVL 2

Author Comment

by:GP1628
Comment Utility
I dont need it to accept do any relaying at all.
Only accept mail for the 4 accounts on the machine, and only send mail out.

The need for even those is minimal. I might just kill it completely. Mostly just system reports like Cron failures and such that get mailed to machines where root logs in more often.  :)

Can "local mail" be defined easily as being only our own network machines? Im beginning to think the LocalIP list is my best bet.

0
 
LVL 40

Expert Comment

by:jlevie
Comment Utility
I don't understand what you are trying to limit, other than preventing relaying. By default sendmail is only going to accept email for users that it knows about, it'll reject inbound email for anyone who is not a "system user", i.e., anyone not listed in the password file (or in the NIS/NIS+ password maps if you use that). Anti-relaying is enabled by default in sendmail 8.9.3 & later, which you ought to be using for a number of other security reasons.
0
 
LVL 2

Accepted Solution

by:
festive earned 100 total points
Comment Utility
If I read you correctly then try the following:

do not run sendmail as a daemon.

yes: kill the daemon and stop it from starting in the rc files:

when you send an email from the local system it will go out, but people that are not on the local system will not be able to send you mail.

This configuration is quite common and in use on many networks:

I have used it from many servers to send directly to one mailhost (set from /etc/hosts file in solaris) to good effect.

hope this helps
0
 
LVL 2

Author Comment

by:GP1628
Comment Utility
Sorry it took so long to get back at this. I cant believe I missed such an obvious answer. Thank you
0

Featured Post

Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

Join & Write a Comment

When you do backups in the Solaris Operating System, the file system must be inactive. Otherwise, the output may be inconsistent. A file system is inactive when it's unmounted or it's write-locked by the operating system. Although the fssnap utility…
This tech tip describes how to install the Solaris Operating System from a tape backup that was created using the Solaris flash archive utility. I have used this procedure on the Solaris 8 and 9 OS, and it shoudl also work well on the Solaris 10 rel…
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
This video shows how to set up a shell script to accept a positional parameter when called, pass that to a SQL script, accept the output from the statement back and then manipulate it in the Shell.

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now