Change Sendmail Port?
Paul Howarth
paul at city-fan.org
Sun Sep 11 11:09:52 UTC 2005
On Sat, 2005-09-10 at 20:30 -0700, Corey Head wrote:
> -- Corey Head <coreyhead at yahoo.com> wrote:
> Umm...I meant I would like to change the port
> > that
> > > users send mail
> > > > from...i.e. connect to the server. Is that not
> > > possible? I was
> > > > thinking port 587 for sending, but does that
> > mean
> > > every server coming
> > > > into my server has to know that? I am running
> > > into the problem with
> > > > roving users that have home ISPs that are
> > blocking
> > > port 25 from their
> > > > lines. So, users have to go in and change their
> > > mail servers when they
> > > > get home, then change back when back in the
> > > office. Does that make a
> > > > little more sense?
> > >
> > > Users should always use 587. 25 is for
> > > server-to-server.
> > >
> > > Use "lsof -i | grep sendmail" to see if your
> > server
> > > is listening on both
> > > ports.
> > OK...the out put of that command gave me:
> > sendmail 12817 root 3u IPv4 4777305
> > TCP
> > *:submission (LISTEN)
> >
> > This is when I did what it looks like you're
> > supposed
> > to do for the .mc file and activate this line:
> >
> > DAEMON_OPTIONS(`Port=submission, Name=MSA, M=Ea')dnl
> >
> > I rebuild/restart sendmail and no other server will
> > talk to mine on port 25. The .mc file says it will
> > listen on both. Is there something else I'm
> > supposed
> > to activate/deactivate?
> > Thanks!
> > Corey
> OK...so I think I've figured it out. I added this
> line to my sendmail.mc file:
>
> DAEMON_OPTIONS(`Port=smtp, Name=MTA')dnl
>
> and additionally uncommented this line
>
> DAEMON_OPTIONS(`Port=submission, Name=MSA, M=Ea')dnl
>
> Things are working like a charm now. I wonder,
> however, if that first line causes any possible
> security risks?
I have:
DAEMON_OPTIONS(`Port=smtp, Name=MTA,
InputMailFilters=headercheck-milter;spamassassin')dnl
DAEMON_OPTIONS(`Port=submission, Name=MSA, M=Ea')dnl
so what you've got looks fine. It does of course mean that you have
sendmail listening on port 25 put you're not going to receive any mail
without that.
> I'm having quite the time finding
> much on this particular issue on the net...get a lot
> of sample sendmail.mc files in a Google search...but
> not anything with answers about this particular port
> part.
There's lots of useful stuff in /usr/share/sendmail-cf/README
> If anyone knows of a security risk with this,
> please let me know!
This is a standard sendmail setup. Any security docs you see for
sendmail should apply.
Paul.
--
Paul Howarth <paul at city-fan.org>
More information about the fedora-list
mailing list