Sendmail Question

Cowles, Steve steve at stevecowles.com
Sun May 16 12:40:02 UTC 2004


Ow Mun Heng wrote:
> Is this correct behaviour? I thought that to send emails you need to
> either be authenticated (SMTP auth) or be on the same IPs as your
> ISP?? 
> 
> Or is this what's happening? Sendmail is actually querying DNS root
> servers and then upon getting the MX server, it connects straight to
> port 25 of that MX Server and sends it? If that's the case, what's
> stopping it from being a relay???
> 
> /curious

By default, redhat configures sendmail (actually sendmail.mc) to only accept
smtp requests from localhost. You would have to override that setting to
have sendmail accept smtp requests from other hosts on your LAN. The maillog
entry prior to the one you posted should show where the e-mail in question
was submitted from. Based on your post where you stated you have NOT
modified sendmail.mc, I'd be willing to bet it was submitted from localhost.
Take a look!

As for your concern about being an open-relay... even if you were to modify
sendmail.mc and allow sendmail to accept smtp connections from another host
on your LAN, there are some additional settings that define exactly what can
be relayed. These settings are usually defined in /etc/mail/access with the
RELAY statement. Again, by default only localhost is allowed to relay.

Further reading should include /usr/share/sendmail-mc/README. Search for the
keywords "relay" and "access_db".

Steve Cowles





More information about the fedora-list mailing list