[Courses] [Security] Sendmail config (was: netstat dissection)
Raven, corporate courtesan
raven at oneeyedcrow.net
Thu Mar 7 18:10:16 EST 2002
Heya --
Quoth Hamster (Thu, Mar 07, 2002 at 02:14:04PM +0100):
>>> tcp 0 0 *:http *:* LISTEN 1052/httpd
>
> Why is httpd listening on port 1052? I thought httpd was on port 80?
It's not. 1052 is the process ID of the running http server.
(That's what the -p in netstat -pl does -- shows the pids associated
with the processes listening on each port.) Http is by default on port
80, and the vast majority of the web servers out there use the default
port.
The reason that seeing the process IDs is useful is that if you
want to kill a listening service, you know which process to kill. So,
kill 1052
would kill that httpd daemon.
The ports that are open in netstat output are displayed by the
name in /etc/services (if it's available) or the number of the port (if
there is no name in /etc/services). In this case, there's a line in
/etc/services specifying the port.
raven at dahlia $ cat /etc/services | grep http
www 80/tcp http # WorldWideWeb HTTP
raven at dahlia $
> Or is it a case of this particular user set the daemon up to not listen on 80 but rather on 1052? In that case, how do requesting browsers know to go to port 1052?
You can set up Apache to do that if you want to, by putting
Port 1052
in your httpd.conf. Requesting browsers only know to go to that port if
you tell them in the URL -- they won't "find it" by default. So a URL
to a server that looks like this would be:
http://www.fakedomain.com:1052
> > (Note that if you only want to send mail from your box, and don't need to recieve mail directly to it, you can set sendmail to only listen locally.)
>
> Cool. How ? ;-) Or is that one of those nasty sendmail.cf questions?
Yes, it's sendmail.cf, but this one's not too nasty. Add
O DaemonPortOptions=Addr=127.0.0.1
to your sendmail.cf. That way it will only be listening to your
machine, and not to the Internet. (In your netstat output, you'll see
127.0.0.1:smtp instead of *:smtp.)
You may also want to add
O PrivacyOptions=goaway
to disable the VRFY command. (This keeps the SMTP server you send the
mail to from learning about the other accounts on your server. Some
SMTP servers need this to be on to accept mail, but I haven't run into
many.)
> I am using a mail client call Sylpheed. Does it (or KMail, or mail clients in general) use sendmail to send mail? Or is the sending process built into the mail client?
Ignoring the Windows world for a while -- you need an SMTP
server to send mail. In all likelihood, your Sylpheed is configured to
use your ISP's SMTP server. So Sylpheed sends mail to the SMTP server,
and then the SMTP server sends it to the recipient's mail server. (It's
also possible that it's using a local SMTP server, but I would lay odds
on the former.) Sendmail is one type of SMTP server. Postfix and Exim
and Qmail are other SMTP servers. If you poke through your Sylpheed
settings, you should be able to find out what SMTP server it's using to
send mail.
> I keep sendmail on my system because I understand (and correct me if I am wrong) but daemons like cron and syslog use sendmail to forward messages to the root mailbox.
> Am I right in assuming that if this is the only use for sendmail, then you really only need it to be listening locally??
Yes. If you don't intend for people to send mail to your
machine directly (i.e. you retrieve your mail by POP or IMAP), you only
need sendmail to be listening locally.
> Hamster (uh oh... hope I dont get eaten ;-)
Not at all. [grin]
Cheers,
Raven
"Sed, sed, awk. Like duck, duck, goose. Sync, sync, halt. It's the
order of nature."
-- me, after too long a day at work
More information about the Courses
mailing list