Re: Have I been cracked?

Author: Craig White
Date:  
To: plug-discuss
New-Topics: Re: Have I been cracked?...Thanks all.
Subject: Re: Have I been cracked?
On Fri, 2004-08-20 at 21:10, Bob Holtzman wrote:
> On Fri, 20 Aug 2004, Craig White wrote:
>
> > On Fri, 2004-08-20 at 00:05, Bob Holtzman wrote:
> > > I just got logwatch fired up and I'm seeing entries such as:
> > >
> > > --------------------- sendmail Begin ------------------------
> > >
> > > 1161352 bytes transferred
> > > 267 messages sent
> > > ---------------------- sendmail End -------------------------
> > >
> > > If this refers to outgoing messages from my box, I have a problem, true?
> > > I'm running RH 7.3 and checked medium security level when I installed.
> > > Any other information required?
> > ====
> > what's in /var/log/maillog ?
> >
> > what do you get from
> > rpm -qa|grep sendmail
> > cat /etc/mail/access
> > commands?
>
> I'm getting a bunch of bounce entries, multiples of each:
>
> Aug 20 19:23:58 localhost sendmail[9563]: i7L2Nv509563:
> from=<>, size=22728, class=-100, nrcpts=1,
> msgid=<>, bodytype=7BIT,
> proto=ESMTP, daemon=MTA, relay=localhost.localdomain [127.0.0.1]
>
> Aug 20 19:23:59 localhost sendmail[9572]: i7L2Nx509572:
> from=<>, size=6640, class=-30,
> nrcpts=1, msgid=<>, proto=ESMTP, daemon=MTA,
> relay=localhost.localdomain [127.0.0.1]
>
> rpm -qa|grep sendmail gives:
>
> sendmail-cf-8.11.6-15
> sendmail-8.11.6-15
>
> I should have included this in my original post.
>
> The next one, I think, concerns me:
>
> [holtzm@localhost holtzm]$ cat /etc/mail/access
> # Check the /usr/share/doc/sendmail/README.cf file for a description
> # of the format of this file. (search for access_db in that file)
> # The /usr/share/doc/sendmail/README.cf is part of the sendmail-doc
> # package.
> #
> # by default we allow relaying from localhost...
> localhost.localdomain        RELAY
> localhost            RELAY
> 127.0.0.1            RELAY
>
> Does this mean I'm an open relay?
>
> On a related note I saw this in my maillog from July 18:
>
> Jul 18 23:31:13 localhost sendmail[960]: alias database /etc/aliases
> rebuilt by root
> Jul 18 23:31:13 localhost sendmail[960]: /etc/aliases: 40 aliases, longest
> 10 bytes, 395 bytes total
>
> /etc/aliases shows redirections for all pseudo accounts to be root except
> for:
>
> newsadm:        news
> newsadmin:      news
> usenet:         news
> ftpadm:         ftp
> ftpadmin:       ftp
> ftp-adm:        ftp
> ftp-admin:      ftp
>
> Am I confused? Damned right I am!

-----
Actually, most everything looks good from here. Let's break down your
concerns...

The two items you quote from the maillog appear to be 'inbound' messages
to your domain which your server is apparently configured to accept and
the 'relay' aspect is to accept and forward to local users. The only way
to know for certain is to check the 'other' line that links to these by
message id which tells who those mails are being sent 'to'.

Sendmail 8.11.6-15 is out of date - you may want to check out apt-get or
yum and using fedora legacy to get updates...
<http://download.fedoralegacy.org/redhat/7.3/updates/i386/>
for more specific info on using apt/yum and fedora legacy...
<http://www.fedoralegacy.org/download/>
Seems that you should be up to 8.11.6-27

/etc/mail/access does not permit relaying by other hosts - no need to
worry about this being misconfigured

Your aliases file is normal - you can redirect root's mail to another
account (recommended practice), by adding a line something like
root:    another_local_account


Craig
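Craig's advice above is to pair each `from=` line with the `to=` line that shares the same queue ID (the `i7L2Nv509563`-style token after the PID) to see where a message actually went. The script below is an added example, not code from the thread: it correlates sendmail log lines by queue ID and classifies each message as a local bounce, normal inbound delivery, local outbound mail, or mail relayed for a third party (the pattern an open relay would show). The log lines, queue IDs, hostnames and addresses are constructed for the example; `LOCAL_DOMAINS` is an assumed list matching the box in the thread.

```python
import re
from collections import defaultdict

# Constructed sample maillog excerpt (not from the original thread).
# Each message appears as a from= line and one or more to= lines that
# share a queue ID; the third message is a constructed relay-abuse case.
SAMPLE_MAILLOG = """\
Aug 20 19:23:58 localhost sendmail[9563]: i7L2Nv509563: from=<>, size=22728, class=-100, nrcpts=1, msgid=<200408210223.i7L2Nv509563@localhost.localdomain>, bodytype=7BIT, proto=ESMTP, daemon=MTA, relay=localhost.localdomain [127.0.0.1]
Aug 20 19:23:58 localhost sendmail[9565]: i7L2Nv509563: to=<holtzm@localhost.localdomain>, delay=00:00:00, xdelay=00:00:00, mailer=local, pri=52728, dsn=2.0.0, stat=Sent
Aug 20 19:24:10 localhost sendmail[9580]: i7L2OAAA9580: from=<someone@example.org>, size=1200, class=0, nrcpts=1, msgid=<abc@example.org>, proto=ESMTP, daemon=MTA, relay=mail.example.org [192.0.2.10]
Aug 20 19:24:10 localhost sendmail[9582]: i7L2OAAA9580: to=<holtzm@localhost.localdomain>, delay=00:00:00, xdelay=00:00:00, mailer=local, pri=31200, dsn=2.0.0, stat=Sent
Aug 20 19:25:00 localhost sendmail[9590]: i7L2P0AA9590: from=<sender@example.net>, size=4000, class=0, nrcpts=1, msgid=<x@example.net>, proto=ESMTP, daemon=MTA, relay=[198.51.100.7]
Aug 20 19:25:01 localhost sendmail[9592]: i7L2P0AA9590: to=<someone@example.com>, delay=00:00:01, xdelay=00:00:01, mailer=esmtp, pri=34000, relay=mx.example.com. [203.0.113.5], dsn=2.0.0, stat=Sent
"""

# Assumed: the domains this host considers its own (matches the thread's box).
LOCAL_DOMAINS = {"localhost", "localhost.localdomain"}

# syslog timestamp, host, "sendmail[pid]:", queue ID, then key=value fields
LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) (?P<host>\S+) sendmail\[(?P<pid>\d+)\]: "
    r"(?P<qid>[A-Za-z0-9]+): (?P<rest>.*)$"
)


def parse_fields(rest):
    """Split 'k=v, k=v, ...' into a dict; values like 'host [ip]' keep their space."""
    fields = {}
    for part in rest.split(", "):
        key, sep, value = part.partition("=")
        if sep:
            fields[key] = value
    return fields


def addr_domain(addr):
    """Domain part of '<user@host>'; None for the null sender '<>' used by bounces."""
    addr = addr.strip("<>")
    if not addr:
        return None
    return addr.rpartition("@")[2].lower()


def correlate(log_text):
    """Group from= and to= lines by queue ID so each message can be read as a whole."""
    msgs = defaultdict(lambda: {"from": None, "relay_in": None, "to": [], "mailers": []})
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        f = parse_fields(m.group("rest"))
        rec = msgs[m.group("qid")]
        if "from" in f:                      # envelope sender + where it came in from
            rec["from"] = f["from"]
            rec["relay_in"] = f.get("relay")
        elif "to" in f:                      # one line per recipient delivery attempt
            rec["to"].append(f["to"])
            rec["mailers"].append(f.get("mailer"))
    return msgs


def classify(rec, local_domains=LOCAL_DOMAINS):
    """Label one correlated message by where it came from and where it went."""
    if not rec["to"]:
        return "incomplete"                  # to= line not present in this excerpt
    relay_in = rec["relay_in"] or ""
    from_self = relay_in.startswith("localhost") or "[127.0.0.1]" in relay_in
    from_local = from_self or addr_domain(rec["from"] or "") in local_domains
    to_local = [
        addr_domain(t) in local_domains or mailer == "local"
        for t, mailer in zip(rec["to"], rec["mailers"])
    ]
    all_local = all(to_local)
    if rec["from"] == "<>":                  # sendmail-generated DSN (null sender)
        return "bounce_local" if all_local else "backscatter"
    if from_local:
        return "local_to_local" if all_local else "local_user_outbound"
    if all_local:
        return "inbound_delivery"            # outside sender, delivered to a local user
    return "relayed_for_third_party"         # outside sender AND outside recipient


def summarize(log_text):
    """Map queue ID -> classification for every message in the log text."""
    return {qid: classify(rec) for qid, rec in correlate(log_text).items()}


if __name__ == "__main__":
    for qid, verdict in summarize(SAMPLE_MAILLOG).items():
        print(f"{qid}: {verdict}")
```

Run it against `/var/log/maillog` by reading the file into `summarize()`. Only `relayed_for_third_party` (an outside sender whose mail left the box for an outside recipient) is the signature of relaying; `bounce_local` and `inbound_delivery`, which match the two entries quoted in the thread, are routine.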

---------------------------------------------------
PLUG-discuss mailing list -
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss