How can we block the tcp/25 Services with tcp wrapper under Solaris10?
The entry in /etc/hosts.deny "smtp: ALL" dosn't work...
We can still connect with -> telnet host 25
thanks for your support
What you're looking for is in /etc/mail/sendmail.cf:
# SMTP daemon options
O DaemonPortOptions=Port=587, Name=MSA, M=E
Jens Goerke, mobilcom Server Systeme
Postadresse: Mobilcom, Hollerstr. 126, 24782 Buedelsdorf
Besucheradresse: Am Friedrichsbrunnen, Ahlmannhallen
Tel: +49-(0)4331-69-5505 Fax: +49-(0)4331-69-5588
> That's because sendmail isn't called by inetd but does the listening
> on tcp/25 itself, so tcp wrappers aren't involved.
To the OP: I haven't tried, but I think you need to specify "sendmail"
instead of "smtp" in the hosts.deny file.
Systems Administrator | Institute of Scientific Computing | Univ. of Vienna
Have you tried to send mail through the telnet, or are you just checking
whether the TCP connection succeeds?
Senior Technical Consultant TAOS http://www.taos.com/
Got some Dr Pepper? San Francisco, CA bay area
< This line left intentionally blank to confuse you. >
I am forwarding all incoming mail to an internal mail server using ip
tables and a linux firewall.
I am using DNAT to forward all incoming mail:
iptables -A PREROUTING -t nat -p tcp -d 172.16.1.98 --dport 25 -j DNAT --to
Now this works fine but opens a hole since anyone can telnet to port 25
and have a connection. How can I prevent this from happening?