FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Fedora User

 
 
LinkBack Thread Tools
 
Old 08-19-2011, 04:07 AM
Craig White
 
Default {Disarmed} telnet on local LAN question

On Thu, 2011-08-18 at 20:47 -0700, Paul Allen Newell wrote:
> [root@yoyo ~]# netstat -anp | grep ":25"
> tcp 0 0 127.0.0.1:25 0.0.0.0:*
> LISTEN 1510/sendmail: acce
> [root@yoyo ~]# netstat -anp | grep ":23"
> [root@yoyo ~]#
> +++
>
> I'm staring at man netstat and the description of local address,
> foreign address, and state ... but not certain what it really means in
> context of your question regarding listening ... I think I am supposed
> to assume that this output means 127.0.0.1:25 is listening to anything
> sent from 0.0.0.0:* ?
----
I believe that means that you can only connect to port 25 from localhost
and not any other computer.

It's been many years since I used sendmail (I heavily recommend postfix)
but I think if you edit /etc/mail/sendmail.mc and find the section...

dnl # The following causes sendmail to only listen on the IPv4 loopback
address
dnl # 127.0.0.1 and not on any other network devices. Remove the
loopback
dnl # address restriction to accept email from the internet or intranet.
dnl #
DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')dnl

and chnage the last line to
dnl DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')dnl

and restart sendmail to enable it to listen on all your network
interfaces.

Note that you then have to edit /etc/mail/access to control who can
'relay' email (and restart sendmail again).

also note that generally running your own smtp server requires you to
have a dns server so you have an mx record so it becomes obvious which
server receives e-mail for your domain.

Craig


--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 
Old 08-19-2011, 04:23 AM
Paul Allen Newell
 
Default {Disarmed} telnet on local LAN question

On 8/18/2011 9:07 PM, Craig White wrote:
> On Thu, 2011-08-18 at 20:47 -0700, Paul Allen Newell wrote:
>> [root@yoyo ~]# netstat -anp | grep ":25"
>> tcp 0 0 127.0.0.1:25 0.0.0.0:*
>> LISTEN 1510/sendmail: acce
>> [root@yoyo ~]# netstat -anp | grep ":23"
>> [root@yoyo ~]#
>> +++
>>
>> I'm staring at man netstat and the description of local address,
>> foreign address, and state ... but not certain what it really means in
>> context of your question regarding listening ... I think I am supposed
>> to assume that this output means 127.0.0.1:25 is listening to anything
>> sent from 0.0.0.0:* ?
> ----
> I believe that means that you can only connect to port 25 from localhost
> and not any other computer.
>
> It's been many years since I used sendmail (I heavily recommend postfix)
> but I think if you edit /etc/mail/sendmail.mc and find the section...
>
> dnl # The following causes sendmail to only listen on the IPv4 loopback
> address
> dnl # 127.0.0.1 and not on any other network devices. Remove the
> loopback
> dnl # address restriction to accept email from the internet or intranet.
> dnl #
> DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')dnl
>
> and chnage the last line to
> dnl DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')dnl
>
> and restart sendmail to enable it to listen on all your network
> interfaces.
>
> Note that you then have to edit /etc/mail/access to control who can
> 'relay' email (and restart sendmail again).
>
> also note that generally running your own smtp server requires you to
> have a dns server so you have an mx record so it becomes obvious which
> server receives e-mail for your domain.
>
> Craig
>
>
Craig:

Thanks, I found that line in sendmail.mc and think I understand what it
is doing ... and what your suggestion do commenting it out will do. I've
begun googling about /etc/mail/access and that's going to take some time.

Though this potentially solve the larger question of allowing email to
be received on my 192.168.2.x LAN, I need to ask if you are implying
that doing this in sendmail.mc et al means that I don't have to do
anything with iptables for the mail / mailx issue?

And it still leaves me with a failure in my learning exercise about not
being able to tell my machines that they should accept my "test telnet"
from other machines in my LAN. I don't want to waste folks time on a
test that I don't need, but I feel there is something about
communication between machines that I am not getting ... and need to if
I am going to consider a more elegant LAN setup

Paul
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 
Old 08-19-2011, 04:25 AM
Craig White
 
Default {Disarmed} telnet on local LAN question

On Thu, 2011-08-18 at 21:25 -0700, Paul Allen Newell wrote:
> On 8/18/2011 9:23 PM, Paul Allen Newell wrote:
> > On 8/18/2011 9:07 PM, Craig White wrote:
> >> On Thu, 2011-08-18 at 20:47 -0700, Paul Allen Newell wrote:
> I am not certain how the word "{Disarmed}" got into the subject ???
----
came from my mail server (mailscanner) - ignore it

Craig


--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 
Old 08-19-2011, 04:25 AM
Paul Allen Newell
 
Default {Disarmed} telnet on local LAN question

On 8/18/2011 9:23 PM, Paul Allen Newell wrote:
> On 8/18/2011 9:07 PM, Craig White wrote:
>> On Thu, 2011-08-18 at 20:47 -0700, Paul Allen Newell wrote:
I am not certain how the word "{Disarmed}" got into the subject ???

Paul
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 
Old 08-19-2011, 04:30 AM
Craig White
 
Default {Disarmed} telnet on local LAN question

On Thu, 2011-08-18 at 21:23 -0700, Paul Allen Newell wrote:
> On 8/18/2011 9:07 PM, Craig White wrote:
> > On Thu, 2011-08-18 at 20:47 -0700, Paul Allen Newell wrote:
> >> [root@yoyo ~]# netstat -anp | grep ":25"
> >> tcp 0 0 127.0.0.1:25 0.0.0.0:*
> >> LISTEN 1510/sendmail: acce
> >> [root@yoyo ~]# netstat -anp | grep ":23"
> >> [root@yoyo ~]#
> >> +++
> >>
> >> I'm staring at man netstat and the description of local address,
> >> foreign address, and state ... but not certain what it really means in
> >> context of your question regarding listening ... I think I am supposed
> >> to assume that this output means 127.0.0.1:25 is listening to anything
> >> sent from 0.0.0.0:* ?
> > ----
> > I believe that means that you can only connect to port 25 from localhost
> > and not any other computer.
> >
> > It's been many years since I used sendmail (I heavily recommend postfix)
> > but I think if you edit /etc/mail/sendmail.mc and find the section...
> >
> > dnl # The following causes sendmail to only listen on the IPv4 loopback
> > address
> > dnl # 127.0.0.1 and not on any other network devices. Remove the
> > loopback
> > dnl # address restriction to accept email from the internet or intranet.
> > dnl #
> > DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')dnl
> >
> > and chnage the last line to
> > dnl DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')dnl
> >
> > and restart sendmail to enable it to listen on all your network
> > interfaces.
> >
> > Note that you then have to edit /etc/mail/access to control who can
> > 'relay' email (and restart sendmail again).
> >
> > also note that generally running your own smtp server requires you to
> > have a dns server so you have an mx record so it becomes obvious which
> > server receives e-mail for your domain.
> >
> > Craig
> >
> >
> Craig:
>
> Thanks, I found that line in sendmail.mc and think I understand what it
> is doing ... and what your suggestion do commenting it out will do. I've
> begun googling about /etc/mail/access and that's going to take some time.
>
> Though this potentially solve the larger question of allowing email to
> be received on my 192.168.2.x LAN, I need to ask if you are implying
> that doing this in sendmail.mc et al means that I don't have to do
> anything with iptables for the mail / mailx issue?
>
> And it still leaves me with a failure in my learning exercise about not
> being able to tell my machines that they should accept my "test telnet"
> from other machines in my LAN. I don't want to waste folks time on a
> test that I don't need, but I feel there is something about
> communication between machines that I am not getting ... and need to if
> I am going to consider a more elegant LAN setup
----
I'm not going to get into the iptables stuff... first of all, you had a
bunch of people tossing all sorts of ideas your way and secondly, it
just seemed to be a waste of time. If you have a router/firewall on your
LAN, you could easily just disable iptables on any systems inside your
LAN... certainly for now while you are setting up and configuring things
and not allowing yourself to be sidetracked.

One of the most important things on a list like this is when you get a
whole bunch of answers, you have to sort of filter them so you don't
waste your time.

netstat -an|grep 25
tcp 0 0 0.0.0.0:25 0.0.0.0:*
LISTEN
# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
root@srv2:~# telnet 192.168.2.5 25
Trying 192.168.2.5...
Connected to 192.168.2.5.
Escape character is '^]'.
220 srv2.azapple.com ESMTP Postfix
QUIT
221 2.0.0 Bye
Connection closed by foreign host.

Craig



--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 

Thread Tools




All times are GMT. The time now is 12:46 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org