FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.

» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > CentOS > CentOS
Reload this Page Sendmail, localloop, and iptables -- should I be more paranoid?

 
 
LinkBack Thread Tools
 
Old 11-22-2010, 02:11 PM
Robert Moskowitz
 
Default Sendmail, localloop, and iptables -- should I be more paranoid?
By default, sendmail only listens on the localloop:

DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')dnl

But by default to allow sendmail to even work the iptables entry is:

-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 25 -j
ACCEPT

Without this, sendmail can't even connect to localloop. But should I
handedit this line to something like:

-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp -d 127.0.0.1
--dport 25 -j ACCEPT

And once you handedit iptables, you can't use the gnome firewall applet,
I suspect...



_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 

Thread Tools




All times are GMT. The time now is 09:47 PM.

VBulletin, Copyright ©2000 - 2013, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright ©2007 - 2008, www.linux-archive.org

Contact Us - Linux Archive - Archive - Top -