[CentOS] Sendmail, localloop, and iptables -- should I be more paranoid?
Robert Moskowitz
rgm at htt-consult.comMon Nov 22 15:11:11 UTC 2010
- Previous message: [CentOS] TC Filter Flows & ESFQ - Traffic Shaping
- Next message: [CentOS] Sendmail, localloop, and iptables -- should I be more paranoid?
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
By default, sendmail only listens on the localloop: DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')dnl But by default to allow sendmail to even work the iptables entry is: -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 25 -j ACCEPT Without this, sendmail can't even connect to localloop. But should I handedit this line to something like: -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp -d 127.0.0.1 --dport 25 -j ACCEPT And once you handedit iptables, you can't use the gnome firewall applet, I suspect...
- Previous message: [CentOS] TC Filter Flows & ESFQ - Traffic Shaping
- Next message: [CentOS] Sendmail, localloop, and iptables -- should I be more paranoid?
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS mailing list