O'Reilly Hacks
oreilly.comO'Reilly NetworkSafari BookshelfConferences Sign In/My Account | View Cart   
Book List Learning Lab PDFs O'Reilly Gear Newsletters Press Room Jobs  



Restrict what sendmail listens to
If you only use sendmail internally, you don't need to listen to outside hosts. That's one of the easiest ways of protecting yourself from sendmail abuse.

Contributed by:
JimRamsey
[01/12/05 | Discuss (0) | Link to this hack]

I use sendmail internally only to deal with the various messages Linux likes to send me, e.g. logwatch. On my firewall machine which is 192.168.0.1, I have the following lines in sendmail.mc. DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')dnl DAEMON_OPTIONS(`Port=smtp,Addr=192.168.0.1, Name=MTA')dnl So rather than listening to all port 53 traffic, I only listen on my own host and localhost. Any port 53 traffic from the outside world is simply ignored.


O'Reilly Home | Privacy Policy

© 2007 O'Reilly Media, Inc.
Website: | Customer Service: | Book issues:

All trademarks and registered trademarks appearing on oreilly.com are the property of their respective owners.