Change Sendmail Port?

Paul Howarth paul at city-fan.org
Sun Sep 11 11:09:52 UTC 2005 

On Sat, 2005-09-10 at 20:30 -0700, Corey Head wrote:
> -- Corey Head <coreyhead at yahoo.com> wrote:
> Umm...I meant I would like to change the port
> > that
> > > users send mail
> > > > from...i.e. connect to the  server.  Is that not
> > > possible?  I was
> > > > thinking port 587 for sending, but does that
> > mean
> > > every server coming
> > > > into my server has to know that?  I am running
> > > into the problem with
> > > > roving users that have home ISPs that are
> > blocking
> > > port 25 from their
> > > > lines.  So, users have to go in and change their
> > > mail servers when they
> > > > get home, then change back when back in the
> > > office.  Does that make a
> > > > little more sense?
> > > 
> > > Users should always use 587. 25 is for
> > > server-to-server.
> > > 
> > > Use "lsof -i | grep sendmail" to see if your
> > server
> > > is listening on both 
> > > ports.
> > OK...the out put of that command gave me:
> > sendmail  12817    root    3u  IPv4 4777305      
> > TCP
> > *:submission (LISTEN)
> > 
> > This is when I did what it looks like you're
> > supposed
> > to do for the .mc file and activate this line:
> > 
> > DAEMON_OPTIONS(`Port=submission, Name=MSA, M=Ea')dnl
> > 
> > I rebuild/restart sendmail and no other server will
> > talk to mine on port 25.  The .mc file says it will
> > listen on both.  Is there something else I'm
> > supposed
> > to activate/deactivate?
> > Thanks!
> > Corey  
> OK...so I think I've figured it out.  I added this
> line to my sendmail.mc file:
> 
> DAEMON_OPTIONS(`Port=smtp, Name=MTA')dnl 
> 
> and additionally uncommented this line
> 
> DAEMON_OPTIONS(`Port=submission, Name=MSA, M=Ea')dnl
> 
> Things are working like a charm now.  I wonder,
> however, if that first line causes any possible
> security risks?

I have:

DAEMON_OPTIONS(`Port=smtp, Name=MTA,
InputMailFilters=headercheck-milter;spamassassin')dnl
DAEMON_OPTIONS(`Port=submission, Name=MSA, M=Ea')dnl

so what you've got looks fine. It does of course mean that you have
sendmail listening on port 25 put you're not going to receive any mail
without that.

>   I'm having quite the time finding
> much on this particular issue on the net...get a lot
> of sample sendmail.mc files in a Google search...but
> not anything with answers about this particular port
> part. 

There's lots of useful stuff in /usr/share/sendmail-cf/README

> If anyone knows of a security risk with this,
> please let me know!

This is a standard sendmail setup. Any security docs you see for
sendmail should apply.

Paul.
-- 
Paul Howarth <paul at city-fan.org>

More information about the fedora-list mailing list