Sendmail IP interface assignment -- how to?

Matthew Seaman m.seaman at
Wed Oct 3 22:55:59 PDT 2007

Hash: SHA256

Rob wrote:
> Hi All,
> Working on standard sendmail 8.13.8 on FreeBSD 6.2.  Machine has a 2nd
> NIC that I want to use for a jail environment, so I'm trying to get rid
> of all the extraneous servers listening on it.
> Sendmail was of course listening on the smtp and submission ports on all
> interfaces.  I tracked down the sendmail option DaemonPortOptions to
> configure this.
> In the STANDARD file there was:
>    O DaemonPortOptions=Name=MTA
>    O DaemonPortOptions=Port=587, Name=MSA, M=E
> So I edited the .mc macro to add:
>    DAEMON_OPTIONS(`Addr=,Port=smtp,Name=MTA')
>    DAEMON_OPTIONS(`Addr=,Port=smtp,Name=MTA')
> Which built with:
>    O DaemonPortOptions=Addr=,Port=smtp,Name=MTA
>    O DaemonPortOptions=Addr=,Port=smtp,Name=MTA
>    O DaemonPortOptions=Port=587, Name=MSA, M=E
> That closed port 25 on the extra NIC, but netstat still shows "tcp4
> *.submission LISTEN".  I definitely need to close port 587 in the 2nd
> NIC, but I was wondering about "best practices" for this.  Shouldn't the
> submission thing ONLY be on the localhost IP?  I'm thinking I can use:
>    DAEMON_OPTIONS(`Addr=,Port=587,Name=MSA,M=E')
> Am I going in the right direction here?  It looks like I've turned off
> smtp as intended, but wondering if I'm doing the right thing with
> restricting submission.  Any other suggestions on configuring this? 
> (other than "don't use sendmail")  This is on a live server, so I don't
> want to hose things up too much experimenting!

You also need:


otherwise, you're definitely heading in the right direction.



- -- 
Dr Matthew J Seaman MA, D.Phil.                   7 Priory Courtyard
                                                  Flat 3
PGP:     Ramsgate
                                                  Kent, CT11 9PW
Version: GnuPG v2.0.4 (FreeBSD)
Comment: Using GnuPG with Mozilla -


More information about the freebsd-questions mailing list