how do I see security logs without turning on sendmail?

Tuareg tuaregmex at gmail.com
Wed Dec 13 12:32:26 PST 2006 

On 12/13/06, Lane <lane at joeandlane.com> wrote:
>
> Tuareg,
>
> What happens when you do this:
>
> telnet localhost


telnet localhost 25
Trying 127.0.0.1...
telnet: connect to address 127.0.0.1: Operation timed out
telnet: Unable to connect to remote host


Does the connection time out?  Or do you get a sendmail prompt?


Yes, the connection time out.
No, I don't get the sendmail prompt, because there is no sendmail running.

ps axwww | grep sendmail
47237  p0  R+     0:00.00 grep sendmail


I'm sort of mixed up on the order of the posts, here.  But let me see if I
> can
> rephrase the problem .... and then possibly help you find a solution ...
>
> It seems to me that the problem is that you cannot determine how to make
> FreeBSD 6.x do like other hosts under your influence, so that it will send
> email from root at localhost to another (possibly a hub) server?  Is that
> correct?


Yes, we have older versions of FreeBSD (4.x and 5.x) running on remote
servers
where we can't interrupt the service, in this servers, we can send e-mails
to our
main e-mail server, were we get reports of scripts.

In those servers, we don't have running sendmail, look:

ps axwww | grep sendmail
19702  p0  D+     0:00.00 grep sendmail
%
%telnet localhost 25
Trying 127.0.0.1...
telnet: connect to address 127.0.0.1: Permission denied
telnet: Unable to connect to remote host

But, we are able to send emails:

mail -v user at main.server.com
Subject: Test
Testing from FreeBSD 4.6-RELEASE
.
EOT
user at main.server.com... Connecting to main.server.com via esmtp...
220 main.server.com ESMTP
>>> EHLO server.FreeBSD.4.6-RELEASE
250-main.server.com Hello
250-8BITMIME
250-SIZE 31457280
250-ETRN
250-DSN
250 PIPELINING
>>> MAIL From:<user at server.FreeBSD.4.6-RELEASE> SIZE=78
250 Sender OK
>>> RCPT To:<user at main.server.com>
250 Recipient OK
>>> DATA
354 Enter your message, followed by a dot on a line by itself
>>> .
250 AYQ81844 Message accepted for delivery
user at main.server.com... Sent (AYQ81844 Message accepted for delivery)
Closing connection to main.server.com
>>> QUIT
221 main.server.com Goodbye


First I assume that these other FreeBSD installations are also using
> sendmail.
> If that is NOT correct then your best hope is to replicate your mta
> configuration from those other hosts.  In fact that might not be a bad
> idea
> regardless of what they are running :)


You are right, all this installations are also using sendmail.

But again, assuming you want to run sendmail and ONLY allow the localhost to
> transmit out to another host for collection and/or distribution, enter
> this
> value into /etc/rc.conf:
>
> sendmail_enable="NO"
>
> Now edit /etc/mail/freebsd.mc.  Locate the term "SMART_HOST," uncomment
> that
> line, and enter the IP address or fully qualified domain name of your
> upstream server in place of 'your.isp.mail.server'
>
> Note:  If 'your.isp.mail.server' is NOT resolvable on the localhost, then
> you
> must use the IP address.  When you use the IP address, you must put it in
> [square brackets], like [192.168.2.1].
>
> Now from /etc/mail, type
>
> make all install
>
> then shutdown and restart the server using your method of choice, or just
> type
>
> /etc/rc.d/sendmail restart
>
> And try to send email again.  All should work now.
>
> But you must remember to configure the TARGET mail server to allow this
> host
> to send.  I'll leave that as an exercise for you.
>
> lane


 Have some doubts... about this procedure..  I'm going to explain why....

In this server (from the example, server.FreeBSD.4.6-RELEASE, where we can
send e-mail, but sendmail it's not running, rc.conf contains:
sendmail_enable="NONE", sendmail it's not running:

ps axwww | grep sendmail
19702  p0  D+     0:00.00 grep sendmail

And how I showed you in this messages, we are able to send messages, well..
root can do it, as a normal user I can't:

mail -v user at main.server.com
Subject: TEST
Testing from FreeBSD 4.6-RELEASE
.
EOT
collect: Cannot write ./dfkBDJDkW19705 (bfcommit, uid=xxx): Permission
denied
queueup: cannot create queue temp file ./tfkBDJDkW19705, uid=xxx: Permission
denied

The older sysadmin who made this configuration with FreeBSD 4.6-RELEASE,
quit the job and didn't leave any documentation, a how to, nothing, were he
explain how he did this.

That's the reason why we are looking to repeat this configuration with
FreeBSD 6.1-RELEASE, but couldn't do it.. yet.

Thank you for your help.

More information about the freebsd-questions mailing list