How can I stop sendmail from listening on Sol 10?
[251 byte] By [Lockerby] at [2007-11-25 23:40:36] 
In previous versions of Solaris, all I needed to do was run sendmail with MODE="" (/etc/default/sendmail). In Solaris 10, if I do that no mail is sent. How can I still send email while not listening for incoming?Thanks in advance!
# 1
There is a suggestion in this thread that should help:
http://forum.sun.com/thread.jspa?threadID=23792&messageID=103320
"The other alternative is since sendmail in Solaris 10 uses tcp_wrappers, to set you /etc/hosts.allow;deny to only allow localhost to contact sendmail"
pmcnab at 2007-7-5 18:48:23 >
# 2
You can generate your own submit.cf and sendmail.cf files (Sun now ships the necessary m4 macros to do this!).
In submit.cf, include:
FEATURE(`msp', `[127.0.0.1]')dnl
and in sendmail.cf, include:
DAEMON_OPTIONS(`NAME=LocalMTA, Family=inet, Addr=127.0.0.1')dnl
The latter directs sendmail to only accept connections on the loopback (127.0.0.1) address, and the former tells the submit process to send it there.
jrg_work at 2007-7-5 18:48:23 >
# 3
or you could simply run svcadm and disable sendmail. implicate_order at 2007-7-5 18:48:23 >
# 4
wouldn't svcadm disable also stop outgoing mail? assuming one doesn't have another MTA setup of course. kryspy at 2007-7-5 18:48:23 >
# 5
> wouldn't svcadm disable also stop outgoing mail?
> assuming one doesn't have another MTA setup of course.
Yup, that's why you need to do what was mentioned two replies ago.
Sendmail won't send via the network but will still accept mail sent from the machine to a user on the same machine via the loopback adapter. In the old days you didn't need to do that but times have changed.
alan
alan_pae at 2007-7-5 18:48:23 >
# 6
That's the way I understood it, just wanted to clarify that disabling the sendmail service would also disable outgoing mail. Thanks. kryspy at 2007-7-5 18:48:23 >
# 7
(I meant submit.mc and sendmail.mc, in /etc/mail/cf/ of course! then regenerate the submit.cf and sendmail.cf files.) jrg_work at 2007-7-5 18:48:23 >
# 8
You don't need to rebuild your sendmail.cf or use tcpwrappers or disable sendmail completely. Disabling sendmail will NOT stop all outgoing mail. However, if you disable sendmail and try to send an outgoing mail and the mail doesn't go through on the first try, sendmail will not retry. IIRC it will also cause /bin/mail or mailx to use the sendmail.mc instead of sendmai cf (not sure about that).
Disabling sendmail completely IS the right thing to do if you are not going to be sending outgoing mail. If you still want to send outgoing mail and disallow all incoming connections you have two alternatives. I think this is what you were asking about.
- Run sendmail -q periodically out of cron. See above sideffects about sendmail.mc, etc.
- Add this line to /etc/default/sendmail. This is what I prefer:
MODE="-bd -ODaemonPortOptions=Addr=127.0.0.1"
This option is in TFM for sendmail. (You can put it in sendmail.cf also.)
This makes sendmail behave normally, but only localhost will be able to connect to it.
wsanders at 2007-7-5 18:48:23 >
# 9
Thanks, wsanders! Bjorn_Brenander at 2007-7-5 18:48:23 >
# 10
Sir,Would you happen to know how to harden the Solaris 10 server to not permit the sendmail help feature to function? Referencing STIG GEN004540-Sendmail Help Command: The sendmail help command is not disabled.Thanks,Jeff jgrant746 at 2007-7-5 18:48:23 >
# 11
Never mind. I got it. Renamed the helpfile.Thanks.Jeff jgrant746 at 2007-7-5 18:48:23 >
General New Topic
General Hot Topic
General
All Classified
- Archived Forums
- Enterprise & Remote Computing
- Java Essentials
- Desktop
- Core
- Solaris Operating System
- Security
- Database Connectivity
- Java Mobility Forums
- Web & Directory Servers
- Development Tools
- Application & Integration Servers
- Java HotSpot Virtual Machine
- Other Topics
- E-Mail, Calendar, & Collaboration
- Developer Tools
- General
- Administration Tools
- Sun Hardware
- Storage Forums
- Java Enterprise System
- StarOffice
- Open Source Technologies
- BigAdmin
- Real-Time
- Java Coding