Hi I am trying to set up ipchains to only allow sendmail to send/process/? mail which is sent from my local machine 127.0.0.1(The machine I am running sendmail on). Currently the default settings from Redhat 7.2 are
[snip] :input ACCEPT :forward ACCEPT :output ACCEPT -A input -s 0/0 -d 0/0 25 -p tcp -y -j ACCEPT [snip] in /etc/sysconfig/ipchains which when I run ipchains --list gives me ot@shiomi root]# ipchains --list [snip] Chain input (policy ACCEPT): target prot opt source destination ports ACCEPT udp ------ dns2.wakwak.com anywhere domain -> 1025:65535 ACCEPT udp ------ dns2.wakwak.com anywhere domain -> 1025:65535 ACCEPT udp ------ dns1.wakwak.com anywhere domain -> 1025:65535 ACCEPT tcp -y---- anywhere anywhere any -> smtp [snip] which to me looks a bit of a worry...I am not sure I like the "any-> smtp" part, does this mean at the moment anyone can use my machine to send email? What I want to know is what do I need to do to both the /etc/sysconfig/ipchains file and /etc/sendmail* files to make it so my sendmail program will only process "email send requests"(not sure of the right term here) from my local machine 127.0.0.1 Cheers Tony -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
