SendMail Help 2006-08-15 - By Rick Stevens
Back
On Tue, 2006-08-15 at 17:50 -0600, brad.mugleston@(protected) wrote:
> On Tue, 15 Aug 2006, mylar wrote:
>
> > On Mon, 2006-08-14 at 21:29, brad.mugleston@(protected) wrote:
> > > Hello, now to a different problem,
> > >
> > > I've shut down internet access to my house except during specific
> > > times of the day to cut down on the use by my teenagers. I'm doing
> > > this with my Linksys router. One thing I do have set up is a 24/7
> > > opening for my FC9 box to run Fetchmail so my online mail boxes done
> > > get too full. This seems to be working fine.
> > >
> > > BUT I also would like to open up SendMail, from all machines, so I can
> > > send email 24/7 also.
> > >
> > > Any ideas on this?
> > >
> > > Brad
> >
> > I don't know how your network is set up but can't you block access to
> > all but port 25 during those hours ?
> >
> I have the ability to block ports and I could set that up but it
> appears to block all ports when the web is locked out so I need
> to UNBLOCK ports.
>
> BUT I can give it a shot. I know SMTP is port 25 but what ranges
> do I want to block and still have usability within my home
> network? i.e. do I block 0 to 24 and then 26 to ?? or will that
> shut too much down? BTW I only have TWO ranges I can block.
Let's see if we can sort this out. First off, you have to decide if you
want all of your machines to be able to send mail directly or if you
want to designate a "mail hub" which receives mail from all of your
internal machines and sends it out on behalf of them.
For security reasons, I recommend a mail hub (only it is exposed to the
internet, centralizes virus and spam filtering, etc.). So, on all
of the machines EXCEPT the mail hub, make sure you have:
define(`SMART_HOST', `name-of-mail-hub-machine')dnl
in the sendmail.mc file. You also should decide if you want the hub
to receive mail on behalf of all your machines. If so, also define
the MASQUERADE_AS macro:
define(`MASQUERADE_AS', `host.domain.tld')dnl
Now, as to firewalls, only the mail hub needs to talk to the internet
over port 25. The rest of the machines in your network will use port
25 to talk to the mail hub. So, the firewall rules on the router should
permit the mail hub port 25 access to the internet and should block all
others. Do NOT block port 25 on any of the internal machines (either
through iptables or Windows firewalls).
-- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- --
- Rick Stevens, Senior Systems Engineer rstevens@(protected) -
- VitalStream, Inc. http://www.vitalstream.com -
- -
- LOOK OUT!!! BEHIND YOU!!! -
-- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- --
__ ____ ____ ____ ____ ____ ____ ____ ____ ____
Redhat-install-list mailing list
Redhat-install-list@(protected)
https://www.redhat.com/mailman/listinfo/redhat-install-list
To Unsubscribe Go To ABOVE URL or send a message to:
redhat-install-list-request@(protected)
Subject: unsubscribe
|
|
