Sendmail ignores hosts.allow
Alex Zbyslaw
xfb52 at dial.pipex.com
Tue May 22 19:51:26 UTC 2007
Maxim Khitrov wrote:
> I'm not sure I understand what you mean... I'm not using inetd, and
> the default configuration doesn't block sendmail from all remote
> hosts. The ssh server is running all by itself, same as sendmail. The
> way I understand it is that as long as the server was compiled with
> tcp wrappers, it should follow the rules in hosts.allow.
Sendmail is different from other network apps in that it does not block
the connection when a deny rule is in effect, instead it send some kind
of reject code (5xx) during the SMTP conversation.
If you check /var/log/maillog you may well see this happening.
If you search the mail archives (or try google) with some appropriate
keywords then you should find a post from Matthew Seaman which explains
it in detail You could also search the source code, if you are somewhat
C literate.
If you want to completely block connections from specific hosts (or only
allow specific hosts) then I would suggest doing that with firewall rules.
Didn't follow the start of the thread very closely so I hope I got the
right end of the stick.
--Alex
More information about the freebsd-questions
mailing list