On Thu, 2008-04-24 at 15:45 -0500, Sean Carolan wrote:
> I have set up entries in /etc/hosts.allow and /etc/hosts.deny as follows:
>
> /etc/hosts.allow
> sendmail : 10.0.0.0/255.0.0.0
> sendmail : LOCAL
>
> /etc/hosts.deny
> sendmail : ALL
>
> When I try to connect to port 25 from an Internet host via telnet, the
> server still responds as usual. The only difference I see is this in
> my /var/log/maillog:
>
> Apr 24 15:41:49 server sendmail[20691]: m3OKfna20691: tcpwrappers
> (otherserver.example.com, xx.xx.xx.xx) rejection
>
> How do I make tcpwrappers simply drop the connection? I would prefer
> to do this with TCP Wrappers, at least until we get our official
> IPTables firewall policy worked out.
$ ldd /usr/sbin/sendmail.sendmail | grep wrap
libwrap.so.0 => /usr/lib/libwrap.so.0 (0x00319000)
tcp_wrappers never sees the connection directly. sendmail handles it
from start to end.
--
Ignacio Vazquez-Abrams <ivazqueznet@xxxxxxxxx>
PLEASE don't CC me; I'm already subscribed
Attachment:
signature.asc
Description: This is a digitally signed message part
_______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos
