Re: turning off exim on port 25
Ummm, maybe it's just too late at night and I'm missing something, but I think you can do what you want by editing /etc/inetd.conf, and removing or commenting out the following line: smtp stream tcp nowait mail/usr/sbin/exim exim -bs --Rich Bryan Walton wrote: This may be a better question for another list. I am building a firewall for my home LAN. I have exim configured for local delivery only (the only thing I want it to do is move email from root to another userid). Even though I have configured exim for only local delivery, the exim daemon is still listening on port 25. Is there a flag I can use when starting up Exim so that it won't listen on port 25? Thanks, Bryan -- Bryan K. WaltonNetwork Operations Center Analyst Berbee...putting the E in businesshttp://www.berbee.com/ GPG fingerprint: BF68 340D A650 E2D7 86B9 FED5 DDFF 3EEE 3229 7B5D -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- _ Rich Puhek ETN Systems Inc. _
Re: turning off exim on port 25
That pretty much turns off exim altogether. While effective for disabling the Port 25 listen, it doesn't allow Bryan to use exim for his purposes. I think he's also using it in daemon mode rather than being run from inetd. At 01:22 AM 5/24/2001 -0500, Rich Puhek wrote: Ummm, maybe it's just too late at night and I'm missing something, but I think you can do what you want by editing /etc/inetd.conf, and removing or commenting out the following line: smtp stream tcp nowait mail/usr/sbin/exim exim -bs --Rich Bryan Walton wrote: This may be a better question for another list. I am building a firewall for my home LAN. I have exim configured for local delivery only (the only thing I want it to do is move email from root to another userid). Even though I have configured exim for only local delivery, the exim daemon is still listening on port 25. Is there a flag I can use when starting up Exim so that it won't listen on port 25? Thanks, Bryan -- Bryan K. WaltonNetwork Operations Center Analyst Berbee...putting the E in businesshttp://www.berbee.com/ GPG fingerprint: BF68 340D A650 E2D7 86B9 FED5 DDFF 3EEE 3229 7B5D -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- _ Rich Puhek ETN Systems Inc. _ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- Eric N. Valor Webmeister/Inetservices Lutris Technologies [EMAIL PROTECTED] - This Space Intentionally Left Blank -
Re: turning off exim on port 25
On Wed, May 23, 2001 at 11:33:40PM -0700, Eric N. Valor wrote: That pretty much turns off exim altogether. Actually the script in /etc/init.d/ will start exim in stand-alone mode if you disable the listener in inetd.conf. So you will still have it listening on 25/tcp. While effective for disabling the Port 25 listen, it doesn't allow Bryan to use exim for his purposes. I think he's also using it in daemon mode rather than being run from inetd. I'm not sure whether exim will still do deliveries from the queue if you disable the tcp listener (I don't use exim), but if it does, I'd suggest shutting it off altogether. Just put an exit 0 at the top of the script. (Again I'm not sure if exim will still work correctly after that, and I don't have a box handy with exim on it to test... so try it out.) -- Jim B. [EMAIL PROTECTED]
Re: turning off exim on port 25
I'm pretty sure that you can either start it in inetd mode or daemon mode (from init.d/). It depends on how you config it at install. Also, I believe Bryan still wanted it to do internal delivery work, but just wanted to turn off the port 25 listen (can't do it without disabling exim). A better way to disable the daemon script would be to either remove the symlink in /etc/rcX.d (where X = your default run-mode as defined in /etc/inittab) or rename it from S??exim to K??exim in your default run-mode (either way works). At 06:58 AM 5/24/2001 +, Jim Breton wrote: On Wed, May 23, 2001 at 11:33:40PM -0700, Eric N. Valor wrote: That pretty much turns off exim altogether. Actually the script in /etc/init.d/ will start exim in stand-alone mode if you disable the listener in inetd.conf. So you will still have it listening on 25/tcp. While effective for disabling the Port 25 listen, it doesn't allow Bryan to use exim for his purposes. I think he's also using it in daemon mode rather than being run from inetd. I'm not sure whether exim will still do deliveries from the queue if you disable the tcp listener (I don't use exim), but if it does, I'd suggest shutting it off altogether. Just put an exit 0 at the top of the script. (Again I'm not sure if exim will still work correctly after that, and I don't have a box handy with exim on it to test... so try it out.) -- Jim B. [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- Eric N. Valor Webmeister/Inetservices Lutris Technologies [EMAIL PROTECTED] - This Space Intentionally Left Blank -
Re: turning off exim on port 25
From: Eric N. Valor [EMAIL PROTECTED] To: Jim Breton [EMAIL PROTECTED],Debian-User Mailing List debian-user@lists.debian.org,debian-firewall@lists.debian.org Subject: Re: turning off exim on port 25 Date: Thu, 24 May 2001 00:22:12 -0700 I'm pretty sure that you can either start it in inetd mode or daemon mode (from init.d/). It depends on how you config it at install. Also, I believe Bryan still wanted it to do internal delivery work, but just wanted to turn off the port 25 listen (can't do it without disabling exim). A better way to disable the daemon script would be to either remove the symlink in /etc/rcX.d (where X = your default run-mode as defined in /etc/inittab) or rename it from S??exim to K??exim in your default run-mode (either way works). At 06:58 AM 5/24/2001 +, Jim Breton wrote: On Wed, May 23, 2001 at 11:33:40PM -0700, Eric N. Valor wrote: That pretty much turns off exim altogether. Actually the script in /etc/init.d/ will start exim in stand-alone mode if you disable the listener in inetd.conf. So you will still have it listening on 25/tcp. While effective for disabling the Port 25 listen, it doesn't allow Bryan to use exim for his purposes. I think he's also using it in daemon mode rather than being run from inetd. I'm not sure whether exim will still do deliveries from the queue if you disable the tcp listener (I don't use exim), but if it does, I'd suggest shutting it off altogether. Just put an exit 0 at the top of the script. (Again I'm not sure if exim will still work correctly after that, and I don't have a box handy with exim on it to test... so try it out.) -- Jim B. [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- Eric N. Valor Webmeister/Inetservices Lutris Technologies [EMAIL PROTECTED] - This Space Intentionally Left Blank - -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] Exim will be called by its cron job, so local deliveries should work fine. Inet would only call exim, if someone connected to port 25. _ Get your FREE download of MSN Explorer at http://explorer.msn.com
Re: turning off exim on port 25
Yes, Exim will still deliver from the queue (there's a cron job to run every 30 minutes), and exim will still send outgoing email if needed. I use exim on any of my machines that will not be receiving mail for a domain. By eliminating the smtp line from inetd.conf, I don't show up with an active port 25 to tempt spammers. Output of cron jobs and the like will still be passed on to my smarthost. --Rich Jim Breton wrote: On Wed, May 23, 2001 at 11:33:40PM -0700, Eric N. Valor wrote: That pretty much turns off exim altogether. Actually the script in /etc/init.d/ will start exim in stand-alone mode if you disable the listener in inetd.conf. So you will still have it listening on 25/tcp. While effective for disabling the Port 25 listen, it doesn't allow Bryan to use exim for his purposes. I think he's also using it in daemon mode rather than being run from inetd. I'm not sure whether exim will still do deliveries from the queue if you disable the tcp listener (I don't use exim), but if it does, I'd suggest shutting it off altogether. Just put an exit 0 at the top of the script. (Again I'm not sure if exim will still work correctly after that, and I don't have a box handy with exim on it to test... so try it out.) -- Jim B. [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- _ Rich Puhek ETN Systems Inc. _
turning off exim on port 25
This may be a better question for another list. I am building a firewall for my home LAN. I have exim configured for local delivery only (the only thing I want it to do is move email from root to another userid). Even though I have configured exim for only local delivery, the exim daemon is still listening on port 25. Is there a flag I can use when starting up Exim so that it won't listen on port 25? Thanks, Bryan -- Bryan K. WaltonNetwork Operations Center Analyst Berbee...putting the E in businesshttp://www.berbee.com/ GPG fingerprint: BF68 340D A650 E2D7 86B9 FED5 DDFF 3EEE 3229 7B5D
Re: turning off exim on port 25
I believe it uses port 25 to talk even internally. What you can do, short of using an IPChains/Tables rule to deny external port 25 traffic, is to set the local_interface option in exim's config file. Set it to only lo and it'll only talk to the loopback device internally. For more info consult the manpage. I don't run exim or I'd try to provide further info on the config file. At 07:24 PM 5/23/2001 -0500, Bryan Walton wrote: This may be a better question for another list. I am building a firewall for my home LAN. I have exim configured for local delivery only (the only thing I want it to do is move email from root to another userid). Even though I have configured exim for only local delivery, the exim daemon is still listening on port 25. Is there a flag I can use when starting up Exim so that it won't listen on port 25? Thanks, Bryan -- Bryan K. WaltonNetwork Operations Center Analyst Berbee...putting the E in businesshttp://www.berbee.com/ GPG fingerprint: BF68 340D A650 E2D7 86B9 FED5 DDFF 3EEE 3229 7B5D -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- Eric N. Valor Webmeister/Inetservices Lutris Technologies [EMAIL PROTECTED] - This Space Intentionally Left Blank -
Re: turning off exim on port 25
Thanks to Tod and Eric for their ideas on how to make Exim quit running on port 25 and only listen on localhost. Here is what I did. I edited my exim.conf file and added the following: local_interfaces = 127.0.0.1 Thanks again! Bryan On Wed, May 23, 2001 at 05:43:39PM -0700, Eric N. Valor wrote: I believe it uses port 25 to talk even internally. What you can do, short of using an IPChains/Tables rule to deny external port 25 traffic, is to set the local_interface option in exim's config file. Set it to only lo and it'll only talk to the loopback device internally. For more info consult the manpage. I don't run exim or I'd try to provide further info on the config file. At 07:24 PM 5/23/2001 -0500, Bryan Walton wrote: This may be a better question for another list. I am building a firewall for my home LAN. I have exim configured for local delivery only (the only thing I want it to do is move email from root to another userid). Even though I have configured exim for only local delivery, the exim daemon is still listening on port 25. Is there a flag I can use when starting up Exim so that it won't listen on port 25? Thanks, Bryan -- Bryan K. WaltonNetwork Operations Center Analyst Berbee...putting the E in businesshttp://www.berbee.com/ GPG fingerprint: BF68 340D A650 E2D7 86B9 FED5 DDFF 3EEE 3229 7B5D -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- Eric N. Valor Webmeister/Inetservices Lutris Technologies [EMAIL PROTECTED] - This Space Intentionally Left Blank - -- Bryan K. WaltonNetwork Operations Center Analyst Berbee...putting the E in businesshttp://www.berbee.com/ GPG fingerprint: BF68 340D A650 E2D7 86B9 FED5 DDFF 3EEE 3229 7B5D