[Raw Msg Headers][Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: The mailq service
> On Mon, 29 Jun 1998, Oleg Polyanski wrote:
> > > Maybe it's a stupid question, but how do I stop remote machines to connect
> > > to port 174/TCP when running zmailer? I definitely don't want people to
> > > look at the mail queue on the local server.
> > > How do I tell zmailer not to accept any connections to that port (at least
> > > from the outside, I still want the mailq command to work locally)
> > use tcp wrappers.
>
> Won't work. Zmailer daemons are not invoked via the inet superserver, they
> are started from the command line and "daemonized" - they listen on the
> ports in question on their own. The tcp wrappers never get in their way -
> that is unless I can use the wrappers from within zmailer? I was looking
> for information on this topic, but alas to no avail... ;-((
./configure ... --with-tcp-wrappers=...
They work from within, naturally.
> Well, I
> thought that adding the mailq service to /etc/inetd.conf and denying
> access to it in /etc/hosts.deny would work - the assumption was that inetd
> and thus tcp wrappers will get the connection first and refuse it. But
> that doesn't work. strobe still reports the mailq service on tcp port
> 174....
And after you have tcp-wrapper code in, the strobe will still report that
the mailq service replies -- but the strobe does not TEST to see, if it
really works. (Strobe does connect(), and then close(), doesn't it?)
/Matti Aarnio <mea@nic.funet.fi>
- Follow-Ups:
- Re: The mailq service
- From: VIP Lists Account <viplists@vip.maestro.com.pl> (Mon, 29 Jun 1998 17:15:40 +0300)