Sendmail 8.14.5/8.14.5 on fbsd-9.1R (EC2)

Matthew Seaman m.seaman at
Sat Apr 27 08:39:50 UTC 2013

On 26/04/2013 16:51, jflowers wrote:
> All I want to do is have the MTA listen on port 1025 and have no
> sendmail process listen on the server interface.  That's being done by assp
> which proxies messages to  Unfortunately, I haven't been able
> to figure out how to turn off the default.  Sockstat shows:
> root     sendmail   1672  4  tcp4   *:25                  *:*
> root     sendmail   1672  5  tcp6   *:25                  *:*
> root     sendmail   1672  6  tcp4        *:*
> root     sendmail   1672  7  tcp4   111.222.333.444:587   *:*
> The relevant mc entries are:
> DAEMON_OPTIONS(`Name=IPv4, Family=inet')
> DAEMON_OPTIONS(`Name=IPv6, Family=inet6, Modifiers=O')
> DAEMON_OPTIONS(`Port=1025, Addr=, Name=MTA')
> VIRTUSER_DOMAIN_FILE(`/etc/mail/virtual-domains')
> FEATURE(`no_default_msa')
> DAEMON_OPTIONS(`Port=587, Addr= 111.222.333.444, Name=MSA, M=E')
> The MSA isn't strictly necessary now but I thought might have a future use.
> So, what am I missing?  How do I turn *:25 off so that when assp goes down (as
> it frequently does) I'm not running an open relay (all user/domain validation
> is done in assp).
> Any pointers in the right direction appreciated.

You pretty much already have the answer already.  Add 'Addr='
or 'Addr=::1' clauses to your first two DAEMON_OPTIONS lines.  That will
limit sendmail to listening on port 25 only on the loopback interface.

Or indeed, remove those two lines entirely to leave sendmail only
listening on port 587.  This should not prevent sendmail from sending
outgoing messages, but will prevent any incoming.



Dr Matthew J Seaman MA, D.Phil.

JID: matthew at

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 268 bytes
Desc: OpenPGP digital signature
URL: <>

More information about the freebsd-questions mailing list