Hello all, I recently replaced a localhost listening sendmail daemon with SSMTP on FreeBSD 8.2. SSMTP does not have the ability to bind to a socket (as for as I know). It's an MTA that transfers mail when another program invokes it. I started using SSMTP for mailing my script outputs because it's very easy to set up. Anyways, SSMTP replaced sendmail on my system, which was working fine with OSSEC. However, with the installation of SSMTP OSSEC cannot send mail to my mail server.
I was wondering if anyone has been able to get this to work and/or if it's possible without code changes. Since it doesn't open a socket I can't set the listening address in ossec.conf. I tried sending directly to my mail server via OSSEC's maild but my mail server rejects the HELO message. I did follow the guide to modify sendmail.c, I changed it to EHLO as my mail server uses the ESMTP spec. I verified that the code change worked by using tcpdump, I *do* see the EHLO message when looking at the traffic. I can use telnet and send mail just fine by greeting the server with EHLO server.com ...MAIL FROM...RCPT TO.. DATA etc. Though for some reason I can't get OSSEC to do the same. The log shows: Hello not accepted by server:tfix I can't figure out what *tfix* means. Either way, SSMTP or via maild, any ideas/hints/help is appreciated. Thanks Jon
