Find the answer to your Linux question:
Results 1 to 6 of 6
Hi all, I want to accept 2 connections(10.182.4.113 and 10.182.3.113) and deny all other connections to my sendmail server. my access tablle entry is Code: /etc/mail/access # by default we ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Linux Guru Lakshmipathi's Avatar
    Join Date
    Sep 2006
    Location
    3rd rock from sun - Often seen near moon
    Posts
    1,758

    Smile Urgent help -- How to deny access to sendmail??


    Hi all,
    I want to accept 2 connections(10.182.4.113 and 10.182.3.113) and deny all other connections to my sendmail server.

    my access tablle entry is
    Code:
    /etc/mail/access
    # by default we allow relaying from localhost...
    localhost.localdomain           RELAY
    localhost                       RELAY
    127.0.0.1                       RELAY
    10.182.4.113                    RELAY
    10.182.3.113                    RELAY
    Look forward for your help
    First they ignore you,Then they laugh at you,Then they fight with you,Then you win. - M.K.Gandhi
    -----
    FOSS India Award winning ext3fs Undelete tool www.giis.co.in. Online Linux Terminal http://www.webminal.org

  2. #2
    Linux Engineer hazel's Avatar
    Join Date
    May 2004
    Location
    Harrow, UK
    Posts
    1,211
    You could use iptables to accept tcp traffic to your smtp port (I think this is port 25) from these two addresses, then reject it from any other source.
    "I'm just a little old lady; don't try to dazzle me with jargon!"
    www.hrussman.entadsl.com

  3. #3
    Linux Newbie mazer's Avatar
    Join Date
    Jul 2006
    Location
    Tucson, Arizona, USA
    Posts
    109
    Quote Originally Posted by Lakshmipathi View Post
    Hi all,
    I want to accept 2 connections(10.182.4.113 and 10.182.3.113) and deny all other connections to my sendmail server.

    my access tablle entry is
    Code:
    /etc/mail/access
    # by default we allow relaying from localhost...
    localhost.localdomain           RELAY
    localhost                       RELAY
    127.0.0.1                       RELAY
    10.182.4.113                    RELAY
    10.182.3.113                    RELAY
    Look forward for your help

    You could also use hosts.deny and hosts.allow in order to configure your system.
    For example, in hosts.deny you could write:
    sendmail: ALL

    And in hosts.allow:
    sendmail: "the ip address you want to allow"

    I am not sure if the syntax of hosts.allow and hosts.deny changes depending on the OS.
    Just type "man hosts.allow" and "man hosts.deny" to find more information for your OS.

    Cheers,
    Mazer
    I was seduced by SUSE 5.1.
    Registered Linux User #451562

  4. #4
    Linux Guru Lakshmipathi's Avatar
    Join Date
    Sep 2006
    Location
    3rd rock from sun - Often seen near moon
    Posts
    1,758

    Smile

    Thanks hazel & mazer.
    As i don't know abt iptables,I think modifing /etc/hosts.allow , hosts.deny suits my requirement.I read about these two and found a new file /etc/inetd.conf.
    Do i need to create this inetd.conf file too? currently i don't have this file.
    First they ignore you,Then they laugh at you,Then they fight with you,Then you win. - M.K.Gandhi
    -----
    FOSS India Award winning ext3fs Undelete tool www.giis.co.in. Online Linux Terminal http://www.webminal.org

  5. #5
    Linux Newbie mazer's Avatar
    Join Date
    Jul 2006
    Location
    Tucson, Arizona, USA
    Posts
    109
    Quote Originally Posted by Lakshmipathi View Post
    Thanks hazel & mazer.
    As i don't know abt iptables,I think modifing /etc/hosts.allow , hosts.deny suits my requirement.I read about these two and found a new file /etc/inetd.conf.
    Do i need to create this inetd.conf file too? currently i don't have this file.
    Hi Lakshmipathi,
    you do not need the /etc/inetd.conf. I even like that you do not have installed that service.
    inetd.conf configures some daemons like ftpd, telnetd, fingerd and so on that you do not really need (these days) and that are only a security risk. Inetd.conf handles how these daemons have to respond when somebody from the internet tries to access your computer using those daemons. I do not think that you can use inetd to restrict sendmail, but I am not sure about that. I am sure however that hosts.allow and hosts.deny do this job as well. When I configure my computers I always try to deinstall all services (daemons) which are not really necessary in order to decrease the security risk on these machines.

    Hope this helps,
    Mazer
    I was seduced by SUSE 5.1.
    Registered Linux User #451562

  6. #6
    Linux Guru Lakshmipathi's Avatar
    Join Date
    Sep 2006
    Location
    3rd rock from sun - Often seen near moon
    Posts
    1,758

    Smile

    .Thanks mazer...Thanks for valuable info.
    First they ignore you,Then they laugh at you,Then they fight with you,Then you win. - M.K.Gandhi
    -----
    FOSS India Award winning ext3fs Undelete tool www.giis.co.in. Online Linux Terminal http://www.webminal.org

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •