Why do it in ipchains, why not do it in the sendmail.cf file. Have a look at RH 7.1 or 7.2 (and maybe 7.0), that has localhost-only access as the default.
On Sun, 12 May 2002 [EMAIL PROTECTED] wrote: > Hi > > I am trying to set up ipchains to only allow sendmail to send/process/? mail which >is sent from my local machine > 127.0.0.1(The machine I am running sendmail on). Currently the default settings >from Redhat 7.2 are > > [snip] > :input ACCEPT > :forward ACCEPT > :output ACCEPT > -A input -s 0/0 -d 0/0 25 -p tcp -y -j ACCEPT > [snip] > > in /etc/sysconfig/ipchains > > which when I run ipchains --list gives me > > ot@shiomi root]# ipchains --list > [snip] > Chain input (policy ACCEPT): > target prot opt source destination ports > ACCEPT udp ------ dns2.wakwak.com anywhere domain -> >1025:65535 > ACCEPT udp ------ dns2.wakwak.com anywhere domain -> >1025:65535 > ACCEPT udp ------ dns1.wakwak.com anywhere domain -> >1025:65535 > ACCEPT tcp -y---- anywhere anywhere any -> smtp > [snip] > > which to me looks a bit of a worry...I am not sure I like the "any-> smtp" part, >does this mean at the moment anyone > can use my machine to send email? What I want to know is what do I need to do to >both the /etc/sysconfig/ipchains file > and /etc/sendmail* files to make it so my sendmail program will only process "email >send requests"(not sure of the > right term here) from my local machine 127.0.0.1 > > Cheers > > Tony > > -- Howard. LANNet Computing Associates - Your Linux people Contact detail at http://www.lannetlinux.com "I believe that forgiving them [terrorists] is God's function. Our job is simply to arrange the meeting." - General "Storm'n" Norman Schwartzkopf -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
