[suse-security] sendmail, 8.11.0, mail from, access denied
Hi,
I have a problem with SuSe V7.0 Professional and sendmail. My sendmail does not
accept any "mail from: ...", it always returns "access denied".
I tried this while telneting to port 25. After the EHLO I tried a MAIL FROM:
Robert Rinnberger wrote:
Hi,
I have a problem with SuSe V7.0 Professional and sendmail. My sendmail does not accept any "mail from: ...", it always returns "access denied".
I tried this while telneting to port 25. After the EHLO I tried a MAIL FROM:
. After that, sendmail returns "acces denied". There seems to be a problem with sendmail and I installed the sendmail-patch 8.11.1 from the SuSe ftp-server, but without sucess. The /etc/mail/access is configured properly also the /etc/rc.config.d/sendmail.rc.config. I have another mail server with an older version of sendmail, same configuration, which works without problems.
Any ideas?
just a guess. Sendmail is compiled using the tcpwrapper library. If you use hosts.deny / hosts.allow you'll need an entry like: sendmail: LOCAL, .your.domain I searched ages. ;-( Juergen -- =========================================== __ _ Juergen Braukmann juergen.braukmann@gmx.de| -o)/ / (_)__ __ ____ __ Tel: 0201-743648 dk4jb@db0qs.#nrw.deu.eu | /\\ /__/ / _ \/ // /\ \/ / ===========================================_\_v __/_/_//_/\_,_/ /_/\_\
Hi Juergen,
your guess was the right thing. I use the hosts.allow and hosts.deny. My
entry looks now like this:
/etc/hosts.allow
....
sendmail: ALL
Because my sendmail is the relayer to and from the internet I have to allow
ALL to access sendmail.
The only thing I wonder, that there is no logging in /var/log/messages for
sendmail. Any other service,
which is allowed or denied by tcpwrapper creates an entry in the messages
file.
Thanks a lot,
Robert
----- Original Message -----
From:
just a guess. Sendmail is compiled using the tcpwrapper library. If you use hosts.deny / hosts.allow you'll need an entry like:
sendmail: LOCAL, .your.domain
I searched ages. ;-(
Juergen
-- =========================================== __ _ Juergen Braukmann juergen.braukmann@gmx.de| -o)/ / (_)__ __ ____ __ Tel: 0201-743648 dk4jb@db0qs.#nrw.deu.eu | /\\ /__/ / _ \/ // /\ \/ / ===========================================_\_v __/_/_//_/\_,_/ /_/\_\
Robert, This is probably because sendmail itself is compiled with the tcp wrappers libraries (libwrap) and so it's responsible for doing its own logging. Using the libwrap library only causes an application to use the routines that check the /etc/hosts.[allow,deny] files and allow or deny access but it doesn't use tcp wrappers' logging mechanism. The same is true of other applications (such as ssh) that can be compiled using libwrap. In order to see the error messages from sendmail I'm guessing you'd have to adjust the LogLevel parameter in your sendmail.cf to a higher number, but I haven't tried it so I don't know for sure. John Ritchie On Wed, 8 Nov 2000, Robert Rinnberger wrote:
Hi Juergen,
your guess was the right thing. I use the hosts.allow and hosts.deny. My entry looks now like this:
/etc/hosts.allow .... sendmail: ALL
Because my sendmail is the relayer to and from the internet I have to allow ALL to access sendmail. The only thing I wonder, that there is no logging in /var/log/messages for sendmail. Any other service, which is allowed or denied by tcpwrapper creates an entry in the messages file.
Thanks a lot, Robert ----- Original Message ----- From:
To: "Robert Rinnberger" Cc: Sent: Monday, November 06, 2000 9:40 PM Subject: Re: [suse-security] sendmail, 8.11.0, mail from, access denied just a guess. Sendmail is compiled using the tcpwrapper library. If you use hosts.deny / hosts.allow you'll need an entry like:
sendmail: LOCAL, .your.domain
I searched ages. ;-(
Juergen
-- =========================================== __ _ Juergen Braukmann juergen.braukmann@gmx.de| -o)/ / (_)__ __ ____ __ Tel: 0201-743648 dk4jb@db0qs.#nrw.deu.eu | /\\ /__/ / _ \/ // /\ \/ / ===========================================_\_v __/_/_//_/\_,_/ /_/\_\
--------------------------------------------------------------------- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
participants (4)
-
GMarten@t-online.de
-
John Ritchie
-
juergen.braukmann@ruhr-west.de
-
Robert Rinnberger