Very Computer

Hi All,

There are RH 7.1 and sendmail is compiled from sources as it seems without
support tcp_wrappers.

Problem : I do not see port smtp outside.

On the firewall the port smtp is open.

command netstat -a

Active Internet connections (servers and established)

Proto Recv-Q Send-Q Local Address Foreign Address State

tcp 0 0 *:1024 *:* LISTEN

tcp 0 0 *:pop3 *:* LISTEN

tcp 0 0 *:imap *:* LISTEN

tcp 0 0 *:sunrpc *:* LISTEN

tcp 0 0 *:ssh *:* LISTEN

tcp 0 0 *:telnet *:* LISTEN

tcp 0 0 localhost.localdom:smtp *:* LISTEN

Has added the file smtp in the directory /etc/xinetd.d/:

service smtp

{

disable = no

flags = REUSE NAMEINARGS

socket_type = stream

protocol = tcp

wait = no

user = root

server = /usr/sbin/tcpd

server_args = /usr/lib/sendmail -bs

Quote:}

Has added in the file hosts.allow

sendmail: ALL

smtp: ALL

/etc/rc.d/init.d/xinetd restart.

Anything has not helped.

Any ideas ?

--
Boris Skoblo
Network Administrator & PC Support Persone
Technion Research & Development Foundation

Yeah, don't start from xinetd.

--
  Rob MacGregor (MCSE) [PGP key ID 0x1F5239DD]
      The light at the end of the tunnel is an oncoming dragon.

Question intelligently: http://www.tuxedo.org/~esr/faqs/smart-questions.html

Bzzzt!!! Redhat compiles sendmail *with* support for tcp_wrappers.

Quote:

> Problem : I do not see port smtp outside.

> On the firewall the port smtp is open.

> command netstat -a

> Any ideas ?

From the sendmail.org FAQ.... Hint: edit sendmail.mc and re-build your
sendmail.cf file using m4

Steve Cowles

----------------------------------------------------------
5.3.3 -- Why can't I receive mail with Red Hat 7.1?
Date: May 3, 2001
Updated: June 11, 2001

Red Hat changed the way that sendmail is run. They decided that most people
need a client-only version of sendmail. So it is listening only on the
localhost interface. Check the RH documentation on how to change that:

Make sure that you have installed the "sendmail-cf" package on your
system -- it should be on your install media.
Then check the file "sendmail.mc" (probably in "/etc/mail"). Look for the
string "DAEMON_OPTIONS" and for the comment lines near that string.

Also note that Red Hat 7.1 builds sendmail with tcpwrapper support, and
provides a hosts.deny file that rejects all external mail. The sendmail:ALL
addition to hosts.allow fixes this.

Boris,

I believe Redhat 7.1 is setup by default to not accept inbound e-mail - only send outbound.  You may change this behavior by
re-creating the sendmai.cf file.

To do this, find the sendmail.mc file.  I believe it should be located in the /usr/share/cf/cf directory but do a "locate
sendmail.mc" for verification.  They have moved the CF files since 6.2.

Edit the sendmail.mc and follow the comment lines explaining how to allow sendmail to receive messages (you need to remark a
particular line).

After changing sendmail.mc create a new sendmail.cf by running the command:

./Build sendmail.cf

in the ../cf/cf directory.  You may then move the new sendmail.cf to /etc or /etc/mail depending upon where the original is located
(again I am not familar with the Redhat RPM version).

You should probably run sendmail as a daemon not using xinetd.  Try this:

/usr/sbin/sendmail -bd -q1h &

This will run sendmail in daemon mode and process the queue every hour.  You should have a sendmail init script under
/etc/rc.d/rc3.d or /etc/rc.d/rc5.d  depending upon your run-level.  If you do not then create a link from /etc/rc.d/init.d/.

Good luck,

Paul Borghese

If it is the red hat sendmail, it does obey hosts.allow -

Quote:> Problem : I do not see port smtp outside.

> On the firewall the port smtp is open.

Yes, that is the default case - very secure, so
some newbie setting up a red hat box doesn't
inflict another open spam relay on the world.

<snip diagnostics>

Quote:> Has added the file smtp in the directory /etc/xinetd.d/:

What? why running from inetd?

Quote:> Has added in the file hosts.allow

> sendmail: ALL

This is correct

Quote:> smtp: ALL

not needed, does nothing

Quote:> Any ideas ?

1. get rid of the xinetd stuff unless you have some
really unusual need for sendmail to run from inetd.

2. edit /etc/mail/sendmail.mc and change the line that says:

DAEMON_OPTIONS(`Port=smtp, Addr=127.0.0.1, Name=MTA')

to say instead:

DAEMON_OPTIONS(`Port=smtp,Name=MTA')

3. in the /etc/mail directory, type the following command:

m4 < sendmail.mc > sendmail.cf

4. if needed, save the current /etc/sendmail.cf

5. cp /etc/mail/sendmail.cf /etc

6. "service sendmail restart"

7. put the MTA to work.

It was decided that it was better to have the
default configuration be more secure than
not, since those who want to set up a more
serious mail server will figure it out - better
than having to try and train every newbie how
to secure an open relay!

cu

jjs

Many Thanks
It is working
--
Boris

Quote:> Hi All,

> There are RH 7.1 and sendmail is compiled from sources as it seems without
> support tcp_wrappers.

> Problem : I do not see port smtp outside.

> On the firewall the port smtp is open.

> command netstat -a

> Active Internet connections (servers and established)

> Proto Recv-Q Send-Q Local Address Foreign Address State

> tcp 0 0 *:1024 *:* LISTEN

> tcp 0 0 *:pop3 *:* LISTEN

> tcp 0 0 *:imap *:* LISTEN

> tcp 0 0 *:sunrpc *:* LISTEN

> tcp 0 0 *:ssh *:* LISTEN

> tcp 0 0 *:telnet *:* LISTEN

> tcp 0 0 localhost.localdom:smtp *:* LISTEN

> Has added the file smtp in the directory /etc/xinetd.d/:

> service smtp

> {

> disable = no

> flags = REUSE NAMEINARGS

> socket_type = stream

> protocol = tcp

> wait = no

> user = root

> server = /usr/sbin/tcpd

> server_args = /usr/lib/sendmail -bs

> }

> Has added in the file hosts.allow

> sendmail: ALL

> smtp: ALL

> /etc/rc.d/init.d/xinetd restart.

> Anything has not helped.

> Any ideas ?

> --
> Boris Skoblo
> Network Administrator & PC Support Persone
> Technion Research & Development Foundation