We need a new subject- bug fixes
Les Mikesell
lesmikesell at gmail.com
Tue Mar 6 16:25:22 UTC 2007
Steve Searle wrote:
> Around 03:51pm on Tuesday, March 06, 2007 (UK time), Aaron Konstam scrawled:
>
>>> Incidentally, I also had to open a peephole in my ADSL modem,
>>> and add a rule to shorewall to allow email in.
>> It is not dangerous at all if you have proper firewalls, The access
>> database in /etc/mail
>
> Is this true. I understood the firewall has to be open to allow
> sendmail to accept email from the internet, and that could be email for
> the domain, or email for other domains, and the firewall can't
> differentiate. Which is why sendmail needs to be configured to not
> accept email for domains other than those that are specifically
> intended.
The stock access file in the distro prevents any mail from being
accepted from outside machines unless it is addressed to the local host
or one of the names you have configured for it to accept. The idea that
sendmail automatically relays everything should have been put to rest
sometime in a previous century. And distribution configs should have
started including SMTP AUTH over ssl as the default way to permit
forwarding as a relay.
--
Les Mikesell
lesmikesell at gmail.com
More information about the fedora-list
mailing list