apache denied access to sendmail

[Amin Astaneh]

Hello-
And the plot thickens as well..

Evidently the email denied by SELinux eventually gets out on the network anyway through 
sendmail. The denial only defers the mail, so around ten minutes later the mail is sent again-
successfully however, due to sendmail making it's own request.

Here are the logs, grepping for the same set of timestamps and mail id's-


/var/log/messages

Sep 27 12:43:34 apache02 kernel: audit(1127839414.325:10): avc:  denied  { name_connect } for
pid=3948 comm="sendmail" dest=25 scontext=user_u:system_r:system_mail_t
tcontext=system_u:object_r:smtp_port_t tclass=tcp_socket

Sep 27 12:43:34 apache02 kernel: audit(1127839414.326:11): avc:  denied  { name_connect } for
pid=3948 comm="sendmail" dest=25 scontext=user_u:system_r:system_mail_t
tcontext=system_u:object_r:smtp_port_t tclass=tcp_socket


/var/log/maillog
Sep 27 12:43:34 apache02 sendmail[3948]: j8RGhYfY003948: from=apache, size=505, class=0,
nrcpts=1, msgid=<200509271643.j8RGhYfY003948 at apache02.qwik.net>, relay=apache at localhost

Sep 27 12:43:34 apache02 sendmail[3948]: j8RGhYfY003948: to=aastaneh at cmax2.com, ctladdr=apache
(48/48), delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=30505, relay=[127.0.0.1] [127.0.0.1],
dsn=4.0.0, stat=Deferred: Permission denied

Sep 27 12:52:04 apache02 sendmail[3953]: j8RGq3n2003953: from=<apache at apache02.qwik.net>,
size=702, class=0, nrcpts=1, msgid=<200509271643.j8RGhYfY003948 at apache02.qwik.net>, proto=ESMTP,
daemon=MTA, relay=localhost.localdomain [127.0.0.1]

Sep 27 12:52:04 apache02 sm-msp-queue[3952]: j8RGhYfY003948: to=aastaneh at cmax2.com,
ctladdr=apache (48/48), delay=00:08:30, xdelay=00:00:01, mailer=relay, pri=120505,
relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (j8RGq3n2003953 Message accepted for
delivery)

-Amin Astaneh