how do I see security logs without turning on sendmail?

Wed Dec 13 11:12:50 PST 2006

Hi Lane,

We have tried that too..

We have the same rules that in the other servers where we can send e-mail
without launching sendmail as daemon.

Anyway we have tried disabling all the rules with: ipfw -f -q flush

And listing the rules:

65535 87358 61876 allow ip from any to any

mail -v root at localhost
Subject: test
test.
.
EOT
root at localhost... Connecting to localhost.my.domain. via relay...
root at localhost... Deferred: Operation timed out with localhost.my.domain.

mail -v user at other.domain.com
Subject: test
test
.
EOT
user at other.domain.com... Connecting to localhost.my.domain. via relay...
user at other.domain.com... Deferred: Operation timed out with
localhost.my.domain.

Also searched about sendmail in the BSD FAQ, Handbook, if we should change
some file in /etc/mail, but (maybe should look again?) didn't find anything
about which file should we modify, let's say.. submit.mc? freebsd.submit.mc?

Suggestions?

Thank you for your help.

On 12/8/06, Lane <lane at joeandlane.com> wrote:
>
> On Friday 08 December 2006 11:16, Tuareg wrote:
> > On 12/5/06, Lane <lane at joeandlane.com> wrote:
> > > On Tuesday 05 December 2006 21:49, Wasp King wrote:
> > > > is there a way that one can specify a log place to see
> > > > daily logs like you receive from root at localhost, when
> > > > sendmail is turned on?
> > > >
> > > > there must be a way to enable only local mail
> > > > delivery...but I am not sure how..
> > > >
> > > > would like to shut down sendmail but want to see
> > > > security logs.
> > > >
> > > > thanks.
> > > >
> > > > Zach
> > > > using FreeBSD 4.2 and sendmail 8.x (maybe).
> > >
> > >
> _________________________________________________________________________
> > >__ IIRC, sendmail has three controlling values in /etc/rc.conf:
> > >
> > > sendmail_enable="YES"
> > > sendmail_enable="NO"
> > > and
> > > sendmail_enable="NONE"
> > >
> > > The third value, "NONE," causes the boot process to ignore any attempt
> to
> > > start sendmail.
> > >
> > > The second value, "NO," causes the boot process to start sendmail for
> > > "local
> > > delivery, only" (i.e. do NOT accept inbound connections from external
> > > hosts).
> > >
> > > The first value, "YES," causes the boot process to start sendmail for
> > > outgoing
> > > and incoming SMTP connections.
> > >
> > > There are many "tweaks" that you can use in /etc/rc.conf - (refer
> > > to /etc/defaults/rc.conf) - that will allow various flavors of
> sendmail
> > > usage.  See also, /etc/rc.sendmail.
> > >
> > > In your case sendmail_enable="NO" should allow the local system to
> > > send "periodic" information to root at localhost, or whatever alias you
> use
> > > in /etc/mail/aliases, while disallowing external hosts from sending
> email
> > > by
> > > way of the local host.  Note that this requires that you pay heed
> > > to /etc/mail/Makefile and associated README documentation
> > > in /usr/src/contrib/sendmail and below.
> > >
> > > Best of luck!
> > >
> > >
> > > lane
> >
> > Hi...  Where I'm working, have many servers with FreeBSD 4.x and 5.x,
> this
> > servers are enable to send mail but the daemon of sendmail is not
> launched.
> >
> > Now, we have installed FreeBSD 6.1 STABLE, but can't reply this schema.
> >
> > Which file needs to be modified in /etc/mail to allow the server to send
> > emails to our real mailserver so we can receive the results of some
> scripts
> > without launching the daemon of sendmail?
> >
> > We have tried using sendmail="NO", in rc.conf, but we only get this
> > messages:
> >
> > user at mydomain.com... Connecting to [127.0.0.1] via relay...
> > user at mydomain.com... Deferred: Permission denied
> >
> > Thank you for your help in advance.
> > _______________________________________________
> > freebsd-questions at freebsd.org mailing list
> > http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> > To unsubscribe, send any mail to
> > "freebsd-questions-unsubscribe at freebsd.org"
> Tuareg,
>
> Your problem is likely related to ipfw, or "firewall_type",
> "firewall_enable"
> in /etc/rc.conf.
>
> The "permission denied" error implies that your firewall ruleset is
> preventing
> the outgoing connection.  Try:
>
> ipfw show
>
> to see your current firewall rules.
>
> Also read through /etc/rc.firewall and /etc/defaults/rc.conf to get some
> more
> information on the firewall issues.
>
> When you've gotten that resolved you should have enough information to get
> sendmail working the way you want.
>
> lane
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "
> freebsd-questions-unsubscribe at freebsd.org"
>