Warren> ... sendmail uses tcpwrappers to manage connections. (assuming that
Warren> there is a hosts.[ allow | deny ] file) Yet I can find no property in
Warren> SMF to manage this, even though there is such a property for rpc/bind
Warren> and inetd. (and those are confusing because one is "defaults" and the
Warren> other "general")
rpc/bind and inetd were written by Sun and thus were made SMF-aware. But
sendmail comes from sendmail.org and is not SMF-aware.
Warren> Is there any method to our madness regarding tcpwrappers and how it
Warren> is implemented? 'man sendmail' makes no mention of tcp_wrappers ...
Look closer; quoting sendmail(1m):
Restricting Host Access
sendmail uses TCP Wrappers to restrict access to hosts. It
uses the service name of sendmail for hosts_access(). For
more information on TCP Wrappers, see tcpd(1M) and
hosts_access(4) in the SUNWtcpd package. tcpd(1M) and
hosts_access(4) are not part of the Solaris man pages.
Warren> Is it configurable?
Yes.
Warren> and if so how? - using SMF?
No, even simpler. If you have a "sendmail:" line in /etc/hosts.{allow,deny}
then sendmail thru its libwrap interface will honor it/them.
-- John
http://blogs.sun.com/jbeck
