Doug Hardie wrote:
On May 22, 2007, at 10:46, Maxim Khitrov wrote:
> # Deny sendmail to all clients (temporary)
> sendmail : all : deny


tcp wrappers must be coded into the application. The call which actually checks the access permissions in the hosts.allow file is hosts_access() (see man hosts_access). Checking through the sendmail

I have to disagree with that.  I run unmodified 8.13.8 on 6.2, and it DOES 
respect hosts.allow.  Just not in the way you might assume.

I can telnet to port 25, it allows connections from *anywhere*, and will respond to a HELO.  It's not until I 
give it a "mail to:" that it protests with "550 5.0.0 Access denied".  I use 
"FEATURE(delay_checks)" in the cf file, which may have some effect on this.

The log file shows:
May 22 14:56:47 cartman sm-mta[74026]: l4MIullh074026: tcpwrappers (unknown, 
192.31.130.140) rejection

The actual options & version look like:
$ sendmail -bp -d0.1
Version 8.13.8
Compiled with: DNSMAP LOG MAP_REGEX MATCHGECOS MILTER MIME7TO8 MIME8TO7
               NAMED_BIND NETINET NETINET6 NETUNIX NEWDB NIS PIPELINING SCANF
               STARTTLS TCPWRAPPERS USERDB XDEBUG
$ uname -rms
FreeBSD 6.2-RELEASE i386


  -RW

_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to