Sendmail IP interface assignment -- how to?

Rob bitabyss at
Wed Oct 3 11:04:59 PDT 2007

Hi All,

Working on standard sendmail 8.13.8 on FreeBSD 6.2.  Machine has a 2nd NIC that I want to use for a jail environment, so I'm trying to get rid of all the extraneous servers listening on it.

Sendmail was of course listening on the smtp and submission ports on all interfaces.  I tracked down the sendmail option DaemonPortOptions to configure this.

In the STANDARD file there was:
    O DaemonPortOptions=Name=MTA
    O DaemonPortOptions=Port=587, Name=MSA, M=E

So I edited the .mc macro to add:

Which built with:
    O DaemonPortOptions=Addr=,Port=smtp,Name=MTA
    O DaemonPortOptions=Addr=,Port=smtp,Name=MTA
    O DaemonPortOptions=Port=587, Name=MSA, M=E

That closed port 25 on the extra NIC, but netstat still shows "tcp4 *.submission LISTEN".  I definitely need to close port 587 in the 2nd NIC, but I was wondering about "best practices" for this.  Shouldn't the submission thing ONLY be on the localhost IP?  I'm thinking I can use:

Am I going in the right direction here?  It looks like I've turned off smtp as intended, but wondering if I'm doing the right thing with restricting submission.  Any other suggestions on configuring this?  (other than "don't use sendmail")  This is on a live server, so I don't want to hose things up too much experimenting!

  -Thanks,  Rob

More information about the freebsd-questions mailing list