how do I see security logs without turning on sendmail?

Tuareg tuaregmex at gmail.com
Wed Jan 17 22:12:13 UTC 2007


On 1/15/07, Tuareg <tuaregmex at gmail.com> wrote:
>
> Sending again... it seems that the list dont want me to send mails from
> gmail... :(
>
> Well, after many suggestions from you on this topic last months/year...
>
> We have tried something that let us sent messages from this servers, but
> we would like the hear from you, how does this affect the server, we know
> that this is not the better solution, but it's what it worked for us.
>
> Found this link: http://security.uoregon.edu/sendmail/
>
> After reading this part:
>
> Turning off 127.0.0.1:25 Altogether
>
> The creation of an MSP process allows for some flexibility in client-class
> mail configuration. Because the MSP has a queue of its own, messages can
> either be queued or delivered immediately. So in some special cases, a
> machine can run without a sendmail listener. This however, is an unusual and
> not-recommended practice. It is merely listed here to elaborate on the
> differences between MTA's and MSP's.
>
> The "submit.mc" and " submit.cf" in this case would be:
>
> FEATURE(`msp',`centralmailserver')
> D{MTAHost}centralmailserver
>
>
> Obviously, it says that it's unusual and not-recommend, but didn't say
> exactly the reason.. (maybe you can tell me why, because I have knowledge in
> the configuration of sendmail, can configure it to avoid be used as relay,
> use of rbl lists, etc, but I'm not exactly an expert).
>
> Well, after reading this... went to one of the new servers.. and read
> /etc/mail/README
>
> 1. Designate an alternative host for the submission agent to contact
>    by altering /etc/mail/freebsd.submit.mc (or setting SENDMAIL_SUBMIT_MC
>    in /etc/make.conf to an alternate .mc file) and using
>    'make install-submit-cf' in /etc/mail/.  Change the FEATURE(msp) line
>    to FEATURE(msp, hostname) where hostname is the fully qualified
> hostname
>    of the alternative host.
>
>
> So, I modified the respective lines...
>
> %cat /etc/mail/freebsd.submit.mc
> .
> .
> .
>
> #
> #  This is the FreeBSD configuration for a set-group-ID sm-msp sendmail
> #  that acts as a initial mail submission program.
> #
> #
>
> divert(0)dnl
> VERSIONID(`$FreeBSD: src/etc/sendmail/freebsd.submit.mc,v 1.1.16.12006/04/13 04:00:23 gshapiro Exp $')
> define(`confCF_VERSION', `Submit')dnl
> define(`__OSTYPE__',`')dnl dirty hack to keep proto.m4 from complaining
> define(`_USE_DECNET_SYNTAX_', `1')dnl support DECnet
> define(`confTIME_ZONE', `USE_TZ')dnl
> define(`confDONT_INIT_GROUPS', `True')dnl
> define(`confBIND_OPTS', `WorkAroundBrokenAAAA')dnl
> dnl
> dnl If you use IPv6 only, change [ 127.0.0.1] to [IPv6:::1]
> FEATURE(`msp', `[ my.main.server]')dnl
>
> %make install-submit-cf
>
> And now, I'm able to receive the e-mail of our monitoring scripts in our
> main e-mailserver.
>
> I compared the file of the old servers, but this method wasn't used, so..
> can't tell you yet.. how the old server were modified to be able to send
> mails without using sendmail as daemon.
>
> Here is the result of the tests:
>
>
> %mail -v user at my.main.server
> Subject: TEST
> test
> .
> EOT
> user at my.main.server... Connecting to smtp.my.main.server. via relay...
> 220-my.main.server ESMTP Mail Server.
> 220-Ready on Mon, 15 Jan 2007 11:32:53 -0600 (CST).
> >>> EHLO new.monitored.server.
> 250-my.main.server Hello new.monitored.server [xxx.xxx.xxx.xxx], pleased
> to meet you
> 250-ENHANCEDSTATUSCODES
> 250-8BITMIME
> 250-SIZE 15000000
> 250-DSN
> 250-ONEX
> 250-ETRN
> 250-XUSR
> 250 HELP
> >>> MAIL From:< user at new.monitored.server > SIZE=50
> 250 2.1.0 <user at new.monitored.server>... Sender ok
> >>> RCPT To:< user at my.main.server>
> 250 2.1.5 <user at my.main.server>... Recipient ok
> >>> DATA
> 354 Enter mail, end with "." on a line by itself
> >>> .
> 250 2.0.0 l0FHWrV68053 Message accepted for delivery
> user at my.main.server... Sent (l0FHWrV123456 Message accepted for delivery)
> Closing connection to smtp.my.main.server.
> >>> QUIT
> 221 2.0.0 my.main.server closing connection
>
>
> tail -f /var/log/maillog
>
> Jan 15 11:32:53 monitored sendmail[70665]: l0FHWqLe707332: to=
> user at my.main.server, ctladdr=user (10001/120), delay=00:00:01,
> xdelay=00:00:01, mailer=relay, pri=30050, relay= smtp.my.main.server. [
> xxx.xxx.xxx.xxx], dsn=2.0.0, stat=Sent (l0FHWrV123456 Message accepted for
> delivery)
>
>
> This was done with FreeBSD 6.1 STABLE.
>
>
> Suggestions on this?
>
> P.S. Yes.. I know we can use smmtp, but please remember, what we wanted
> it's to avoid installing software and open the port 25, just wanted to sent
> the result of scripts via e-mail.
>
> Thanks for your comments/suggestions/and any other stuff... on this
> "solution" (at least for us)
>


No comments/suggestions about this?


More information about the freebsd-questions mailing list